24-057 (December 10, 2024)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Ivanti Endpoint Manager
1012214 - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32847 and CVE-2024-37376)


MSMQ Service
1012227 - Microsoft Windows Message Queuing Service Remote Code Execution Vulnerability (CVE-2024-49122)


Unix Samba
1012198* - Linux Kernel KSMBD Information Disclosure Vulnerability (CVE-2023-4458)
1012210 - Linux Kernel KSMBD Information Disclosure Vulnerability (ZDI-CAN-21598)


Web Application Common
1012078* - Progress MOVEit Transfer Authentication Bypass Vulnerability (CVE-2024-5806)


Web Application PHP Based
1012097* - LibreNMS SQL Injection Vulnerability (CVE-2024-32461)


Web Server HTTPS
1012130* - Cacti Stored Cross-Site Scripting Vulnerability (CVE-2024-31444)
1012222 - Cacti Stored Cross-Site Scripting Vulnerability (CVE-2024-43362)


Windows SMB Server
1012219 - Trend Micro Deep Security Agent Command Injection Vulnerability (CVE-2024-51503)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.