Rule Update
24-056 (December 3, 2024)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1012120* - Apache OFBiz Authentication Bypass Vulnerability (CVE-2024-38856)
IBM WebSphere Application Server
1009803* - IBM Websphere Application Server Remote Code Execution Vulnerability (CVE-2019-4279)
Ivanti Avalanche
1012203 - Ivanti Avalanche Directory Traversal Vulnerability (CVE-2024-23535)
1012053* - Ivanti Avalanche Multiple Vulnerabilities
1012217 - Ivanti Avalanche Remote Code Execution Vulnerability (CVE-2024-23534)
1012200 - Ivanti Avalanche XML External Entity Processing Vulnerability (CVE-2024-38653)
Ivanti Endpoint Manager
1012211 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32839)
1012204 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-50328)
Kubernetes API Server
1012165* - Kubernetes Ingress-Nginx Code Injection Vulnerability (CVE-2023-5044)
Mail Server Common
1012173 - Roundcube Webmail Stored Cross-Site Scripting Vulnerability (CVE-2024-42009)
Progress WhatsUp Gold WCF service
1012123* - Progress WhatsUp Gold Information Disclosure Vulnerability (CVE-2024-5015)
Unix Samba
1012198 - Linux Kernel KSMBD Information Disclosure Vulnerability (CVE-2023-4458)
Web Server Apache
1012166* - Apache Httpd 'mod_cgi Handler' Improper Input Validation Vulnerability (CVE-2024-38476)
Web Server HTTPS
1012218 - Centreon SQL Injection Vulnerability (CVE-2024-39841)
1012170* - Centreon SQL Injection Vulnerability (CVE-2024-39842 and CVE-2024-39843)
1012197 - Centreon SQL Injection Vulnerability (CVE-2024-5725)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1012120* - Apache OFBiz Authentication Bypass Vulnerability (CVE-2024-38856)
IBM WebSphere Application Server
1009803* - IBM Websphere Application Server Remote Code Execution Vulnerability (CVE-2019-4279)
Ivanti Avalanche
1012203 - Ivanti Avalanche Directory Traversal Vulnerability (CVE-2024-23535)
1012053* - Ivanti Avalanche Multiple Vulnerabilities
1012217 - Ivanti Avalanche Remote Code Execution Vulnerability (CVE-2024-23534)
1012200 - Ivanti Avalanche XML External Entity Processing Vulnerability (CVE-2024-38653)
Ivanti Endpoint Manager
1012211 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32839)
1012204 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-50328)
Kubernetes API Server
1012165* - Kubernetes Ingress-Nginx Code Injection Vulnerability (CVE-2023-5044)
Mail Server Common
1012173 - Roundcube Webmail Stored Cross-Site Scripting Vulnerability (CVE-2024-42009)
Progress WhatsUp Gold WCF service
1012123* - Progress WhatsUp Gold Information Disclosure Vulnerability (CVE-2024-5015)
Unix Samba
1012198 - Linux Kernel KSMBD Information Disclosure Vulnerability (CVE-2023-4458)
Web Server Apache
1012166* - Apache Httpd 'mod_cgi Handler' Improper Input Validation Vulnerability (CVE-2024-38476)
Web Server HTTPS
1012218 - Centreon SQL Injection Vulnerability (CVE-2024-39841)
1012170* - Centreon SQL Injection Vulnerability (CVE-2024-39842 and CVE-2024-39843)
1012197 - Centreon SQL Injection Vulnerability (CVE-2024-5725)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.