Rule Update
22-019 (April 19, 2022)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Database Microsoft SQL
1000917* - Restrict Microsoft SQL Server XP_CMDSHELL Procedure
MySQL Cluster NDBD
1011389 - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21355)
1011391 - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21357)
1011390 - Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Vulnerability (CVE-2022-21356)
SolarWinds Network Performance Monitor
1011384 - SolarWinds Orion Platform Unrestricted File Upload Vulnerability (CVE-2021-35244)
Web Application Common
1005402* - Identified Suspicious User Agent In HTTP Request
Web Application PHP Based
1011392 - WordPress 'Ad Inserter' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0901)
1011388 - WordPress 'Modern Events Calendar Lite' Plugin Unauthenticated Blind SQL Injection Vulnerability (CVE-2021-24946)
1011393 - WordPress 'RegistrationMagic' Plugin Authenticated SQL Injection Vulnerability (CVE-2021-24862)
Web Application Tomcat
1011322* - Laravel Deserialization Remote Code Execution Vulnerability (CVE-2021-3129)
Web Client Common
1011394 - Foxit Reader Use After Free Vulnerability (CVE-2018-17705)
Web Client VNC
1011373 - TightVNC VNCViewer RFB Connection Heap Buffer Overflow Vulnerability (CVE-2022-23967)
Web Server Common
1011343 - BMC Track-It Information Disclosure Vulnerability (CVE-2021-35001)
1011377 - Django Infinite Loop Denial of Service Vulnerability (CVE-2022-23833)
Web Server Miscellaneous
1010461* - Apache Struts2 Remote Code Execution Vulnerability (CVE-2019-0230)
Web Server Oracle
1010223* - Oracle WebLogic Java Messaging Service Unspecified Vulnerability (CVE-2016-0638)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.