Rule Update
21-056 (December 14, 2021)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Apache Storm Nimbus
1011236 - Apache Storm Command Injection Vulnerability (CVE-2021-38294)
SolarWinds Network Performance Monitor
1011229 - SolarWinds Orion Patch Manager Insecure Deserialization Vulnerability (CVE-2021-35216)
1011221 - SolarWinds Orion Platform 'SaveUserSetting' Improper Access Control Vulnerability (CVE-2021-35213)
Web Application Ruby Based
1011243 - Grafana Path Traversal Vulnerability (CVE-2021-43798)
Web Client Common
1011240 - Chromium Memory Corruption Vulnerability (CVE-2021-21118)
1011244 - Chromium Sandbox Bypass Vulnerability (CVE-2021-21132)
1011239 - Google Chrome Type Confusion Vulnerability (CVE-2021-30588)
1011238 - Google Chrome Use After Free Vulnerability (CVE-2020-15994)
Web Server Common
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
Web Server SharePoint
1011224 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-41344)
Web Server Squid
1011234 - Squid Proxy Multiple Denial of Service Vulnerabilities (CVE-2021-31806 and CVE-2021-31807)
Zoho ManageEngine
1011237 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-20130)
Integrity Monitoring Rules:
1010856* - Linux/Unix - Static boot loader files modified (ATT&CK T1542)
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Apache Storm Nimbus
1011236 - Apache Storm Command Injection Vulnerability (CVE-2021-38294)
SolarWinds Network Performance Monitor
1011229 - SolarWinds Orion Patch Manager Insecure Deserialization Vulnerability (CVE-2021-35216)
1011221 - SolarWinds Orion Platform 'SaveUserSetting' Improper Access Control Vulnerability (CVE-2021-35213)
Web Application Ruby Based
1011243 - Grafana Path Traversal Vulnerability (CVE-2021-43798)
Web Client Common
1011240 - Chromium Memory Corruption Vulnerability (CVE-2021-21118)
1011244 - Chromium Sandbox Bypass Vulnerability (CVE-2021-21132)
1011239 - Google Chrome Type Confusion Vulnerability (CVE-2021-30588)
1011238 - Google Chrome Use After Free Vulnerability (CVE-2020-15994)
Web Server Common
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
Web Server SharePoint
1011224 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-41344)
Web Server Squid
1011234 - Squid Proxy Multiple Denial of Service Vulnerabilities (CVE-2021-31806 and CVE-2021-31807)
Zoho ManageEngine
1011237 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-20130)
Integrity Monitoring Rules:
1010856* - Linux/Unix - Static boot loader files modified (ATT&CK T1542)
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.