Rule Update
23-032 (July 25, 2023)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1011585* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerabilities (CVE-2022-36957 and CVE-2022-38108)
1011704* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-47503)
Web Application Common
1011718* - ThinkPHP SQL Injection Vulnerability (CVE-2021-44350)
Web Application PHP Based
1011826 - Roundcube Webmail Command Injection Vulnerability (CVE-2020-12641)
1011435* - ThinkCMF Remote Code Execution Vulnerability
Web Application Ruby Based
1011509* - Grafana Stored Cross-Site Scripting Vulnerability (CVE-2022-31097)
Web Server Apache
1009170* - Apache Server Side Include Cross Site Scripting Vulnerability (CVE-2002-0840)
Web Server Common
1011646* - Apache Airflow Command Injection Vulnerability (CVE-2022-40127)
Web Server HTTPS
1011505* - Node.js HTTP Request Smuggling Vulnerability (CVE-2022-32213)
Web Server Miscellaneous
1011177* - Atlassian Confluence Server Arbitrary File Read Vulnerability (CVE-2021-26085)
1011825 - Jenkins 'File Parameter' Plugin Arbitrary File Write Vulnerability (CVE-2023-32986)
Web Server Oracle
1008688* - Oracle Identity Manager Default Account Vulnerability (CVE-2017-10151)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1011585* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerabilities (CVE-2022-36957 and CVE-2022-38108)
1011704* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-47503)
Web Application Common
1011718* - ThinkPHP SQL Injection Vulnerability (CVE-2021-44350)
Web Application PHP Based
1011826 - Roundcube Webmail Command Injection Vulnerability (CVE-2020-12641)
1011435* - ThinkCMF Remote Code Execution Vulnerability
Web Application Ruby Based
1011509* - Grafana Stored Cross-Site Scripting Vulnerability (CVE-2022-31097)
Web Server Apache
1009170* - Apache Server Side Include Cross Site Scripting Vulnerability (CVE-2002-0840)
Web Server Common
1011646* - Apache Airflow Command Injection Vulnerability (CVE-2022-40127)
Web Server HTTPS
1011505* - Node.js HTTP Request Smuggling Vulnerability (CVE-2022-32213)
Web Server Miscellaneous
1011177* - Atlassian Confluence Server Arbitrary File Read Vulnerability (CVE-2021-26085)
1011825 - Jenkins 'File Parameter' Plugin Arbitrary File Write Vulnerability (CVE-2023-32986)
Web Server Oracle
1008688* - Oracle Identity Manager Default Account Vulnerability (CVE-2017-10151)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.