Rule Update
22-004 (January 25, 2022)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
H2 Database
1011281 - H2 Database Console JNDI Injection Vulnerability (CVE-2021-42392)
LDAP Client
1011269 - Identified Java Code Download Attempt Over LDAP
Web Application Common
1011103* - PHPUnit Remote Code Execution Vulnerability (CVE-2017-9841)
Web Application PHP Based
1011278* - October CMS Security Bypass Vulnerability (CVE-2021-32648)
1011266* - WordPress 'All-In-One-Seo-Pack' Plugin Remote Code Execution Vulnerability (CVE-2021-24307)
1011264* - WordPress 'Popular Posts' Plugin Arbitrary File Upload Vulnerability (CVE-2021-42362)
1011100* - WordPress 'WooCommerce Blocks' Plugin SQL Injection Vulnerability (CVE-2021-32789)
1011283 - WordPress 'Wp-Stats-Manager' Plugin SQL Injection Vulnerability (CVE-2021-24750)
Web Server Common
1011279 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-45046) - 1
1011274* - Microsoft Windows HTTP Protocol Stack Remote Code Execution Vulnerability (CVE-2022-21907)
1011262* - SuiteCRM Remote Code Execution Vulnerability (CVE-2021-42840)
1011285 - WordPress Core 'WP_Query' SQL Injection Vulnerability (CVE-2022-21661)
Web Server HTTPS
1011247* - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2021-22238)
Web Server Miscellaneous
1011253 - Jenkins 'Active Choices' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21699)
1011163* - Spring Boot Actuator Directory Traversal Vulnerability (CVE-2021-21234)
Zoho ManageEngine
1011284 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37918)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
H2 Database
1011281 - H2 Database Console JNDI Injection Vulnerability (CVE-2021-42392)
LDAP Client
1011269 - Identified Java Code Download Attempt Over LDAP
Web Application Common
1011103* - PHPUnit Remote Code Execution Vulnerability (CVE-2017-9841)
Web Application PHP Based
1011278* - October CMS Security Bypass Vulnerability (CVE-2021-32648)
1011266* - WordPress 'All-In-One-Seo-Pack' Plugin Remote Code Execution Vulnerability (CVE-2021-24307)
1011264* - WordPress 'Popular Posts' Plugin Arbitrary File Upload Vulnerability (CVE-2021-42362)
1011100* - WordPress 'WooCommerce Blocks' Plugin SQL Injection Vulnerability (CVE-2021-32789)
1011283 - WordPress 'Wp-Stats-Manager' Plugin SQL Injection Vulnerability (CVE-2021-24750)
Web Server Common
1011279 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-45046) - 1
1011274* - Microsoft Windows HTTP Protocol Stack Remote Code Execution Vulnerability (CVE-2022-21907)
1011262* - SuiteCRM Remote Code Execution Vulnerability (CVE-2021-42840)
1011285 - WordPress Core 'WP_Query' SQL Injection Vulnerability (CVE-2022-21661)
Web Server HTTPS
1011247* - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2021-22238)
Web Server Miscellaneous
1011253 - Jenkins 'Active Choices' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21699)
1011163* - Spring Boot Actuator Directory Traversal Vulnerability (CVE-2021-21234)
Zoho ManageEngine
1011284 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37918)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.