Deep Security Center
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Kerberos KDC Server
1011421 - Identified Kerberos Authentication with Spoofed Certificate
Redis Server
1011402* - Redis Remote Code Execution Vulnerability (CVE-2022-0543)
Suspicious Client Application Activity
1003462* - Detected Web Client Traffic
Veeam Distribution Service
1011408* - Veeam Backup and Replication Authentication Bypass Vulnerability (CVE-2022-26501)
Web Application PHP Based
1011416 - WordPress 'Astro Pro Addon' Plugin Unauthenticated SQL Injection Vulnerability (CVE-2021-24507)
1011411 - WordPress 'CleanTalk AntiSpam' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-28221)
1011419 - WordPress 'CleanTalk AntiSpam' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-28222)
1011405* - WordPress 'Elementor Website Builder' Plugin Arbitrary File Upload Vulnerability (CVE-2022-1329)
1011409* - WordPress 'Hummingbird' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0994)
1011410* - WordPress 'Loco Translate' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0765)
1011407* - WordPress 'WP Downgrade' Plugin Cross-Site Scripting Vulnerability (CVE-2022-1001)
Web Server Adobe ColdFusion
1011422 - Adobe ColdFusion Cross-site Scripting Vulnerability (CVE-2022-28818)
Web Server Common
1011414* - SuiteCRM Remote Code Execution Vulnerability (CVE-2020-28328)
Web Server HTTPS
1011212* - F5 BIG-IP and BIG-IQ iControl REST Authentication Bypass Vulnerabilities (CVE-2021-22986 and CVE-2022-1388)
1011406* - SalesAgility SuiteCRM Remote Code Execution Vulnerability (CVE-2022-23940)
Web Server Oracle
1011413* - Oracle WebLogic Java Messaging Service Unspecified Vulnerability (CVE-2016-0638) - 1
Zoho ManageEngine
1011420 - Zoho ManageEngine OpManager SQL Injection Vulnerability (CVE-2022-27908)
Zoho ManageEngine ADSelfService Plus
1011412 - Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability (CVE-2022-28810)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011360* - Microsoft Windows WMI Events
Deep Packet Inspection Rules:
Kerberos KDC Server
1011421 - Identified Kerberos Authentication with Spoofed Certificate
Redis Server
1011402* - Redis Remote Code Execution Vulnerability (CVE-2022-0543)
Suspicious Client Application Activity
1003462* - Detected Web Client Traffic
Veeam Distribution Service
1011408* - Veeam Backup and Replication Authentication Bypass Vulnerability (CVE-2022-26501)
Web Application PHP Based
1011416 - WordPress 'Astro Pro Addon' Plugin Unauthenticated SQL Injection Vulnerability (CVE-2021-24507)
1011411 - WordPress 'CleanTalk AntiSpam' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-28221)
1011419 - WordPress 'CleanTalk AntiSpam' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-28222)
1011405* - WordPress 'Elementor Website Builder' Plugin Arbitrary File Upload Vulnerability (CVE-2022-1329)
1011409* - WordPress 'Hummingbird' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0994)
1011410* - WordPress 'Loco Translate' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0765)
1011407* - WordPress 'WP Downgrade' Plugin Cross-Site Scripting Vulnerability (CVE-2022-1001)
Web Server Adobe ColdFusion
1011422 - Adobe ColdFusion Cross-site Scripting Vulnerability (CVE-2022-28818)
Web Server Common
1011414* - SuiteCRM Remote Code Execution Vulnerability (CVE-2020-28328)
Web Server HTTPS
1011212* - F5 BIG-IP and BIG-IQ iControl REST Authentication Bypass Vulnerabilities (CVE-2021-22986 and CVE-2022-1388)
1011406* - SalesAgility SuiteCRM Remote Code Execution Vulnerability (CVE-2022-23940)
Web Server Oracle
1011413* - Oracle WebLogic Java Messaging Service Unspecified Vulnerability (CVE-2016-0638) - 1
Zoho ManageEngine
1011420 - Zoho ManageEngine OpManager SQL Injection Vulnerability (CVE-2022-27908)
Zoho ManageEngine ADSelfService Plus
1011412 - Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability (CVE-2022-28810)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011360* - Microsoft Windows WMI Events
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Redis Server
1011402 - Redis Remote Code Execution Vulnerability (CVE-2022-0543)
Veeam Distribution Service
1011408 - Veeam Backup and Replication Authentication Bypass Vulnerability (CVE-2022-26501)
Web Application PHP Based
1011405 - WordPress 'Elementor Website Builder' Plugin Arbitrary File Upload Vulnerability (CVE-2022-1329)
1011409 - WordPress 'Hummingbird' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0994)
1011410 - WordPress 'Loco Translate' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0765)
1011400* - WordPress 'Modern Events Calendar Lite' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0364)
1011404* - WordPress 'UpdraftPlus' Plugin Cross-Site Scripting Vulnerability (CVE-2022-0864)
1011407 - WordPress 'WP Downgrade' Plugin Cross-Site Scripting Vulnerability (CVE-2022-1001)
1011401* - WordPress 'iQ Block Country' Plugin Arbitrary File Deletion Vulnerability (CVE-2022-0246)
Web Client Common
1011415 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB22-16) - 3
Web Server Common
1011414 - SuiteCRM Remote Code Execution Vulnerability (CVE-2020-28328)
Web Server HTTPS
1011395* - Lighttpd Denial of Service Vulnerability (CVE-2022-22707)
1011406 - SalesAgility SuiteCRM Remote Code Execution Vulnerability (CVE-2022-23940)
Web Server Miscellaneous
1011403 - Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)
1011396* - Jenkins 'Active Choices' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21616)
Web Server Oracle
1011413 - Oracle WebLogic Java Messaging Service Unspecified Vulnerability (CVE-2016-0638) - 1
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Redis Server
1011402 - Redis Remote Code Execution Vulnerability (CVE-2022-0543)
Veeam Distribution Service
1011408 - Veeam Backup and Replication Authentication Bypass Vulnerability (CVE-2022-26501)
Web Application PHP Based
1011405 - WordPress 'Elementor Website Builder' Plugin Arbitrary File Upload Vulnerability (CVE-2022-1329)
1011409 - WordPress 'Hummingbird' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0994)
1011410 - WordPress 'Loco Translate' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0765)
1011400* - WordPress 'Modern Events Calendar Lite' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0364)
1011404* - WordPress 'UpdraftPlus' Plugin Cross-Site Scripting Vulnerability (CVE-2022-0864)
1011407 - WordPress 'WP Downgrade' Plugin Cross-Site Scripting Vulnerability (CVE-2022-1001)
1011401* - WordPress 'iQ Block Country' Plugin Arbitrary File Deletion Vulnerability (CVE-2022-0246)
Web Client Common
1011415 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB22-16) - 3
Web Server Common
1011414 - SuiteCRM Remote Code Execution Vulnerability (CVE-2020-28328)
Web Server HTTPS
1011395* - Lighttpd Denial of Service Vulnerability (CVE-2022-22707)
1011406 - SalesAgility SuiteCRM Remote Code Execution Vulnerability (CVE-2022-23940)
Web Server Miscellaneous
1011403 - Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)
1011396* - Jenkins 'Active Choices' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21616)
Web Server Oracle
1011413 - Oracle WebLogic Java Messaging Service Unspecified Vulnerability (CVE-2016-0638) - 1
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1007021* - Remote Registry Access Through SMBv2 Protocol Detected (ATT&CK T1012)
MySQL Cluster
1011222* - Oracle MySQL Cluster Management Remote Code Execution Vulnerability (CVE-2021-35590)
MySQL Cluster NDBD
1011362* - Oracle MySQL Cluster Data Node Buffer Overflow Vulnerability (CVE-2021-35621)
1011389* - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21355)
1011391* - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21357)
1011385* - Oracle MySQL Cluster Data Node Remote Code Execution Vulnerability (CVE-2021-35592)
1011390* - Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Vulnerability (CVE-2022-21356)
SolarWinds Network Performance Monitor
1011384* - SolarWinds Orion Platform Unrestricted File Upload Vulnerability (CVE-2021-35244)
Web Application Common
1000552* - Generic Cross Site Scripting(XSS) Prevention
1010635* - Jenkins Groovy Plugin Sandbox Bypass Vulnerabilities (CVE-2019-1003029 and CVE-2019-1003030)
1011381* - Pandora FMS Command Injection Vulnerability (CVE-2019-20224)
Web Application PHP Based
1011392* - WordPress 'Ad Inserter' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0901)
1011380* - WordPress 'Easy Cookies Policy' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24405)
1011400 - WordPress 'Modern Events Calendar Lite' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0364)
1011388* - WordPress 'Modern Events Calendar Lite' Plugin Unauthenticated Blind SQL Injection Vulnerability (CVE-2021-24946)
1011387* - WordPress 'Photo Gallery' Plugin SQL Injection Vulnerability (CVE-2022-0169)
1011393* - WordPress 'RegistrationMagic' Plugin Authenticated SQL Injection Vulnerability (CVE-2021-24862)
1011404 - WordPress 'UpdraftPlus' Plugin Cross-Site Scripting Vulnerability (CVE-2022-0864)
1011401 - WordPress 'iQ Block Country' Plugin Arbitrary File Deletion Vulnerability (CVE-2022-0246)
Web Client Common
1009919* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-41) - 4
1011398 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB22-16) - 1
1011397 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB22-16) - 2
Web Client VNC
1011373* - TightVNC VNCViewer RFB Connection Heap Buffer Overflow Vulnerability (CVE-2022-23967)
Web Server Common
1011343* - BMC Track-It Information Disclosure Vulnerability (CVE-2021-35001)
1011377* - Django Infinite Loop Denial of Service Vulnerability (CVE-2022-23833)
1011371* - Spring Cloud Function Remote Code Execution Vulnerability (CVE-2022-22963)
Web Server HTTPS
1011395 - Lighttpd Denial of Service Vulnerability (CVE-2022-22707)
Web Server Miscellaneous
1011396 - Jenkins 'Active Choices' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21616)
1011376* - VMware Spring Cloud Gateway Remote Code Execution Vulnerability (CVE-2022-22947)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services
1007021* - Remote Registry Access Through SMBv2 Protocol Detected (ATT&CK T1012)
MySQL Cluster
1011222* - Oracle MySQL Cluster Management Remote Code Execution Vulnerability (CVE-2021-35590)
MySQL Cluster NDBD
1011362* - Oracle MySQL Cluster Data Node Buffer Overflow Vulnerability (CVE-2021-35621)
1011389* - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21355)
1011391* - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21357)
1011385* - Oracle MySQL Cluster Data Node Remote Code Execution Vulnerability (CVE-2021-35592)
1011390* - Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Vulnerability (CVE-2022-21356)
SolarWinds Network Performance Monitor
1011384* - SolarWinds Orion Platform Unrestricted File Upload Vulnerability (CVE-2021-35244)
Web Application Common
1000552* - Generic Cross Site Scripting(XSS) Prevention
1010635* - Jenkins Groovy Plugin Sandbox Bypass Vulnerabilities (CVE-2019-1003029 and CVE-2019-1003030)
1011381* - Pandora FMS Command Injection Vulnerability (CVE-2019-20224)
Web Application PHP Based
1011392* - WordPress 'Ad Inserter' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0901)
1011380* - WordPress 'Easy Cookies Policy' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24405)
1011400 - WordPress 'Modern Events Calendar Lite' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0364)
1011388* - WordPress 'Modern Events Calendar Lite' Plugin Unauthenticated Blind SQL Injection Vulnerability (CVE-2021-24946)
1011387* - WordPress 'Photo Gallery' Plugin SQL Injection Vulnerability (CVE-2022-0169)
1011393* - WordPress 'RegistrationMagic' Plugin Authenticated SQL Injection Vulnerability (CVE-2021-24862)
1011404 - WordPress 'UpdraftPlus' Plugin Cross-Site Scripting Vulnerability (CVE-2022-0864)
1011401 - WordPress 'iQ Block Country' Plugin Arbitrary File Deletion Vulnerability (CVE-2022-0246)
Web Client Common
1009919* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-41) - 4
1011398 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB22-16) - 1
1011397 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB22-16) - 2
Web Client VNC
1011373* - TightVNC VNCViewer RFB Connection Heap Buffer Overflow Vulnerability (CVE-2022-23967)
Web Server Common
1011343* - BMC Track-It Information Disclosure Vulnerability (CVE-2021-35001)
1011377* - Django Infinite Loop Denial of Service Vulnerability (CVE-2022-23833)
1011371* - Spring Cloud Function Remote Code Execution Vulnerability (CVE-2022-22963)
Web Server HTTPS
1011395 - Lighttpd Denial of Service Vulnerability (CVE-2022-22707)
Web Server Miscellaneous
1011396 - Jenkins 'Active Choices' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21616)
1011376* - VMware Spring Cloud Gateway Remote Code Execution Vulnerability (CVE-2022-22947)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Database Microsoft SQL
1000917* - Restrict Microsoft SQL Server XP_CMDSHELL Procedure
MySQL Cluster NDBD
1011389 - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21355)
1011391 - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21357)
1011390 - Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Vulnerability (CVE-2022-21356)
SolarWinds Network Performance Monitor
1011384 - SolarWinds Orion Platform Unrestricted File Upload Vulnerability (CVE-2021-35244)
Web Application Common
1005402* - Identified Suspicious User Agent In HTTP Request
Web Application PHP Based
1011392 - WordPress 'Ad Inserter' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0901)
1011388 - WordPress 'Modern Events Calendar Lite' Plugin Unauthenticated Blind SQL Injection Vulnerability (CVE-2021-24946)
1011393 - WordPress 'RegistrationMagic' Plugin Authenticated SQL Injection Vulnerability (CVE-2021-24862)
Web Application Tomcat
1011322* - Laravel Deserialization Remote Code Execution Vulnerability (CVE-2021-3129)
Web Client Common
1011394 - Foxit Reader Use After Free Vulnerability (CVE-2018-17705)
Web Client VNC
1011373 - TightVNC VNCViewer RFB Connection Heap Buffer Overflow Vulnerability (CVE-2022-23967)
Web Server Common
1011343 - BMC Track-It Information Disclosure Vulnerability (CVE-2021-35001)
1011377 - Django Infinite Loop Denial of Service Vulnerability (CVE-2022-23833)
Web Server Miscellaneous
1010461* - Apache Struts2 Remote Code Execution Vulnerability (CVE-2019-0230)
Web Server Oracle
1010223* - Oracle WebLogic Java Messaging Service Unspecified Vulnerability (CVE-2016-0638)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Database Microsoft SQL
1000917* - Restrict Microsoft SQL Server XP_CMDSHELL Procedure
MySQL Cluster NDBD
1011389 - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21355)
1011391 - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21357)
1011390 - Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Vulnerability (CVE-2022-21356)
SolarWinds Network Performance Monitor
1011384 - SolarWinds Orion Platform Unrestricted File Upload Vulnerability (CVE-2021-35244)
Web Application Common
1005402* - Identified Suspicious User Agent In HTTP Request
Web Application PHP Based
1011392 - WordPress 'Ad Inserter' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0901)
1011388 - WordPress 'Modern Events Calendar Lite' Plugin Unauthenticated Blind SQL Injection Vulnerability (CVE-2021-24946)
1011393 - WordPress 'RegistrationMagic' Plugin Authenticated SQL Injection Vulnerability (CVE-2021-24862)
Web Application Tomcat
1011322* - Laravel Deserialization Remote Code Execution Vulnerability (CVE-2021-3129)
Web Client Common
1011394 - Foxit Reader Use After Free Vulnerability (CVE-2018-17705)
Web Client VNC
1011373 - TightVNC VNCViewer RFB Connection Heap Buffer Overflow Vulnerability (CVE-2022-23967)
Web Server Common
1011343 - BMC Track-It Information Disclosure Vulnerability (CVE-2021-35001)
1011377 - Django Infinite Loop Denial of Service Vulnerability (CVE-2022-23833)
Web Server Miscellaneous
1010461* - Apache Struts2 Remote Code Execution Vulnerability (CVE-2019-0230)
Web Server Oracle
1010223* - Oracle WebLogic Java Messaging Service Unspecified Vulnerability (CVE-2016-0638)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
MySQL Cluster
1011222 - Oracle MySQL Cluster Management Remote Code Execution Vulnerability (CVE-2021-35590)
MySQL Cluster NDBD
1011362 - Oracle MySQL Cluster Data Node Buffer Overflow Vulnerability (CVE-2021-35621)
1011385 - Oracle MySQL Cluster Data Node Remote Code Execution Vulnerability (CVE-2021-35592)
Web Application Common
1011364* - Dolibarr ERP And CRM Code Injection Vulnerability (CVE-2022-0819)
1011381 - Pandora FMS Command Injection Vulnerability (CVE-2019-20224)
Web Application PHP Based
1011386 - Identified WordPress 'Error Log Viewer' Plugin File Clearing Request
1011380 - WordPress 'Easy Cookies Policy' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24405)
1011356* - WordPress 'Header Footer Code Manager' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0710)
1011353* - WordPress 'MasterStudy LMS' Plugin Admin Account Creation Vulnerability (CVE-2022-0441)
1011387 - WordPress 'Photo Gallery' Plugin SQL Injection Vulnerability (CVE-2022-0169)
1011375* - WordPress 'Photoswipe Masonry Gallery' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0750)
Web Client Common
1011383 - Chromium Based Browsers Use After Free Vulnerability (CVE-2022-0289)
Web Server Common
1011371* - Spring Cloud Function Remote Code Execution Vulnerability (CVE-2022-22963)
1011372* - Spring Framework "Spring4Shell" Remote Code Execution Vulnerability (CVE-2022-22965)
Web Server Miscellaneous
1011378 - Eclipse Jetty Unauthenticated Information Disclosure Vulnerability (CVE-2021-28169)
1011376* - VMware Spring Cloud Gateway Remote Code Execution Vulnerability (CVE-2022-22947)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
MySQL Cluster
1011222 - Oracle MySQL Cluster Management Remote Code Execution Vulnerability (CVE-2021-35590)
MySQL Cluster NDBD
1011362 - Oracle MySQL Cluster Data Node Buffer Overflow Vulnerability (CVE-2021-35621)
1011385 - Oracle MySQL Cluster Data Node Remote Code Execution Vulnerability (CVE-2021-35592)
Web Application Common
1011364* - Dolibarr ERP And CRM Code Injection Vulnerability (CVE-2022-0819)
1011381 - Pandora FMS Command Injection Vulnerability (CVE-2019-20224)
Web Application PHP Based
1011386 - Identified WordPress 'Error Log Viewer' Plugin File Clearing Request
1011380 - WordPress 'Easy Cookies Policy' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24405)
1011356* - WordPress 'Header Footer Code Manager' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0710)
1011353* - WordPress 'MasterStudy LMS' Plugin Admin Account Creation Vulnerability (CVE-2022-0441)
1011387 - WordPress 'Photo Gallery' Plugin SQL Injection Vulnerability (CVE-2022-0169)
1011375* - WordPress 'Photoswipe Masonry Gallery' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0750)
Web Client Common
1011383 - Chromium Based Browsers Use After Free Vulnerability (CVE-2022-0289)
Web Server Common
1011371* - Spring Cloud Function Remote Code Execution Vulnerability (CVE-2022-22963)
1011372* - Spring Framework "Spring4Shell" Remote Code Execution Vulnerability (CVE-2022-22965)
Web Server Miscellaneous
1011378 - Eclipse Jetty Unauthenticated Information Disclosure Vulnerability (CVE-2021-28169)
1011376* - VMware Spring Cloud Gateway Remote Code Execution Vulnerability (CVE-2022-22947)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
OpenSSL Client
1011370 - OpenSSL Client Denial Of Service Vulnerability (CVE-2022-0778)
Web Application Common
1011364 - Dolibarr ERP And CRM Code Injection Vulnerability (CVE-2022-0819)
Web Application PHP Based
1011358* - WordPress 'CP Blocks' Plugin Cross-Site Scripting Vulnerability (CVE-2022-0448)
1011302* - WordPress 'Contact Form 7' plugin Unauthenticated Stored Cross-Site Scripting Vulnerability (CVE-2021-25080)
1011356 - WordPress 'Header Footer Code Manager' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0710)
1011353 - WordPress 'MasterStudy LMS' Plugin Admin Account Creation Vulnerability (CVE-2022-0441)
1011375 - WordPress 'Photoswipe Masonry Gallery' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0750)
1011352* - WordPress 'Titan Labs Security Audit' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24901)
1011340* - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-25148)
Web Client Common
1011367 - Chromium Based Browsers Incorrect Authorization Vulnerability (CVE-2022-0309)
1011368 - Chromium Based Browsers Use After Free Vulnerability (CVE-2022-0297)
1011374 - Chromium Use After Free Vulnerability (CVE-2022-0609)
Web Client Mozilla Firefox
1011361 - Mozilla Firefox Use-After-Free Remote Code Execution Vulnerability (CVE-2022-26381)
Web Server Common
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1011265* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-45046)
1011344* - BMC Track-It Unrestricted File Upload Remote Code Execution Vulnerability (CVE-2021-35002)
1010175* - Cross-Site Scripting (XSS) Decoder
1011372* - Spring Framework "Spring4Shell" Remote Code Execution Vulnerability (CVE-2022-22965)
1010721* - VMware Multiple Products Command Injection Vulnerability (CVE-2020-4006)
Web Server Miscellaneous
1011376 - VMware Spring Cloud Gateway Remote Code Execution Vulnerability (CVE-2022-22947)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1002831* - Unix - Syslog
Deep Packet Inspection Rules:
OpenSSL Client
1011370 - OpenSSL Client Denial Of Service Vulnerability (CVE-2022-0778)
Web Application Common
1011364 - Dolibarr ERP And CRM Code Injection Vulnerability (CVE-2022-0819)
Web Application PHP Based
1011358* - WordPress 'CP Blocks' Plugin Cross-Site Scripting Vulnerability (CVE-2022-0448)
1011302* - WordPress 'Contact Form 7' plugin Unauthenticated Stored Cross-Site Scripting Vulnerability (CVE-2021-25080)
1011356 - WordPress 'Header Footer Code Manager' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0710)
1011353 - WordPress 'MasterStudy LMS' Plugin Admin Account Creation Vulnerability (CVE-2022-0441)
1011375 - WordPress 'Photoswipe Masonry Gallery' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0750)
1011352* - WordPress 'Titan Labs Security Audit' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24901)
1011340* - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-25148)
Web Client Common
1011367 - Chromium Based Browsers Incorrect Authorization Vulnerability (CVE-2022-0309)
1011368 - Chromium Based Browsers Use After Free Vulnerability (CVE-2022-0297)
1011374 - Chromium Use After Free Vulnerability (CVE-2022-0609)
Web Client Mozilla Firefox
1011361 - Mozilla Firefox Use-After-Free Remote Code Execution Vulnerability (CVE-2022-26381)
Web Server Common
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1011265* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-45046)
1011344* - BMC Track-It Unrestricted File Upload Remote Code Execution Vulnerability (CVE-2021-35002)
1010175* - Cross-Site Scripting (XSS) Decoder
1011372* - Spring Framework "Spring4Shell" Remote Code Execution Vulnerability (CVE-2022-22965)
1010721* - VMware Multiple Products Command Injection Vulnerability (CVE-2020-4006)
Web Server Miscellaneous
1011376 - VMware Spring Cloud Gateway Remote Code Execution Vulnerability (CVE-2022-22947)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1002831* - Unix - Syslog
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Server Common
1011371 - Spring Cloud Function Remote Code Execution Vulnerability (CVE-2022-22963)
1011372 - Spring Framework "Spring4Shell" Remote Code Execution Vulnerability (CVE-2022-22965)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Web Server Common
1011371 - Spring Cloud Function Remote Code Execution Vulnerability (CVE-2022-22963)
1011372 - Spring Framework "Spring4Shell" Remote Code Execution Vulnerability (CVE-2022-22965)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
MySQL Cluster
1011292* - Oracle MySQL Cluster Management Server Remote Code Execution Vulnerability (CVE-2022-21279)
1011291* - Oracle MySQL Cluster Management Server Remote Code Execution Vulnerability (CVE-2022-21280)
OpenSSL
1011366 - OpenSSL Server Denial Of Service Vulnerability (CVE-2022-0778)
Remote Desktop Protocol Server
1007969* - Identified Suspicious Remote Desktop Protocol (RDP) Brute Force Attempt (ATT&CK T1110, T1021.001)
Web Application PHP Based
1011358 - WordPress 'CP Blocks' Plugin Cross-Site Scripting Vulnerability (CVE-2022-0448)
1011325* - WordPress 'Perfect Survey' Plugin SQL Injection Vulnerability (CVE-2021-24762)
1011351* - WordPress 'TI WooCommerce Wishlist' Plugin SQL Injection Vulnerability (CVE-2022-0412)
1011352 - WordPress 'Titan Labs Security Audit' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24901)
1011340 - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-25148)
1011347* - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-25149)
1011333* - WordPress 'WP Statistics' Plugin Unauthenticated Blind SQL Injection Vulnerability (CVE-2022-0513)
Web Server Adobe ColdFusion
1011355 - Identified Adobe ColdFusion LDAP Server Connection Request
Web Server Common
1011331 - Apache APISIX 'batch-requests' Plugin Remote Code Execution Vulnerability (CVE-2022-24112)
1011344 - BMC Track-It Unrestricted File Upload Remote Code Execution Vulnerability (CVE-2021-35002)
1010721 - VMware Multiple Products Command Injection Vulnerability (CVE-2020-4006)
Web Server HTTPS
1011349 - Trend Micro Apex Central And Control Manager Remote Code Execution Vulnerability (CVE-2022-26871)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011360 - Microsoft Windows WMI Events
Deep Packet Inspection Rules:
MySQL Cluster
1011292* - Oracle MySQL Cluster Management Server Remote Code Execution Vulnerability (CVE-2022-21279)
1011291* - Oracle MySQL Cluster Management Server Remote Code Execution Vulnerability (CVE-2022-21280)
OpenSSL
1011366 - OpenSSL Server Denial Of Service Vulnerability (CVE-2022-0778)
Remote Desktop Protocol Server
1007969* - Identified Suspicious Remote Desktop Protocol (RDP) Brute Force Attempt (ATT&CK T1110, T1021.001)
Web Application PHP Based
1011358 - WordPress 'CP Blocks' Plugin Cross-Site Scripting Vulnerability (CVE-2022-0448)
1011325* - WordPress 'Perfect Survey' Plugin SQL Injection Vulnerability (CVE-2021-24762)
1011351* - WordPress 'TI WooCommerce Wishlist' Plugin SQL Injection Vulnerability (CVE-2022-0412)
1011352 - WordPress 'Titan Labs Security Audit' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24901)
1011340 - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-25148)
1011347* - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-25149)
1011333* - WordPress 'WP Statistics' Plugin Unauthenticated Blind SQL Injection Vulnerability (CVE-2022-0513)
Web Server Adobe ColdFusion
1011355 - Identified Adobe ColdFusion LDAP Server Connection Request
Web Server Common
1011331 - Apache APISIX 'batch-requests' Plugin Remote Code Execution Vulnerability (CVE-2022-24112)
1011344 - BMC Track-It Unrestricted File Upload Remote Code Execution Vulnerability (CVE-2021-35002)
1010721 - VMware Multiple Products Command Injection Vulnerability (CVE-2020-4006)
Web Server HTTPS
1011349 - Trend Micro Apex Central And Control Manager Remote Code Execution Vulnerability (CVE-2022-26871)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011360 - Microsoft Windows WMI Events
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1008445* - Microsoft Windows Search Remote Code Execution Vulnerability (CVE-2017-8543)
MySQL Cluster
1011292 - Oracle MySQL Cluster Management Server Remote Code Execution Vulnerability (CVE-2022-21279)
1011291 - Oracle MySQL Cluster Management Server Remote Code Execution Vulnerability (CVE-2022-21280)
Remote Desktop Protocol Server
1003716* - Identified Too Many Remote Desktop Protocol (RDP) Connection Request
SolarWinds Network Performance Monitor
1011271* - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 1
1011272* - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 2
Web Application PHP Based
1011337* - WordPress 'Download Monitor' Plugin Cross-Site Scripting Vulnerability (CVE-2021-23174)
1011335* - WordPress 'Mortgage-Calculators-Wp' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24904)
1011334* - WordPress 'Paid Memberships Pro' Plugin SQL Injection Vulnerability (CVE-2021-25114)
1011320* - WordPress 'Post Grid' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24488)
1011351 - WordPress 'TI WooCommerce Wishlist' Plugin SQL Injection Vulnerability (CVE-2022-0412)
1011341* - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-0651)
1011347 - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-25149)
1011333 - WordPress 'WP Statistics' Plugin Unauthenticated Blind SQL Injection Vulnerability (CVE-2022-0513)
1011321* - WordPress 'WooCommerce Product Slider' Plugin Reflected Cross Site Vulnerability (CVE-2021-24300)
Web Application Tomcat
1011322 - Laravel Deserialization Remote Code Execution Vulnerability (CVE-2021-3129)
Web Server Apache
1011183* - Apache HTTP Server Server-Side Request Forgery Vulnerability (CVE-2021-40438)
Web Server Common
1011342 - Apache APISIX Remote Code Execution Vulnerability (CVE-2020-13945)
Web Server Miscellaneous
1011297* - Jenkins 'Badger' Plugin Cross-Site Scripting Vulnerability (CVE-2022-23108)
Webmin
1011338* - Webmin Improper Access Control Vulnerability (CVE-2022-0824)
Zoho ManageEngine
1011329* - Zoho ManageEngine OpManager SumPDU Multiple Java Deserialization Vulnerabilities (CVE-2020-28653 and CVE-2021-3287)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services
1008445* - Microsoft Windows Search Remote Code Execution Vulnerability (CVE-2017-8543)
MySQL Cluster
1011292 - Oracle MySQL Cluster Management Server Remote Code Execution Vulnerability (CVE-2022-21279)
1011291 - Oracle MySQL Cluster Management Server Remote Code Execution Vulnerability (CVE-2022-21280)
Remote Desktop Protocol Server
1003716* - Identified Too Many Remote Desktop Protocol (RDP) Connection Request
SolarWinds Network Performance Monitor
1011271* - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 1
1011272* - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 2
Web Application PHP Based
1011337* - WordPress 'Download Monitor' Plugin Cross-Site Scripting Vulnerability (CVE-2021-23174)
1011335* - WordPress 'Mortgage-Calculators-Wp' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24904)
1011334* - WordPress 'Paid Memberships Pro' Plugin SQL Injection Vulnerability (CVE-2021-25114)
1011320* - WordPress 'Post Grid' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24488)
1011351 - WordPress 'TI WooCommerce Wishlist' Plugin SQL Injection Vulnerability (CVE-2022-0412)
1011341* - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-0651)
1011347 - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-25149)
1011333 - WordPress 'WP Statistics' Plugin Unauthenticated Blind SQL Injection Vulnerability (CVE-2022-0513)
1011321* - WordPress 'WooCommerce Product Slider' Plugin Reflected Cross Site Vulnerability (CVE-2021-24300)
Web Application Tomcat
1011322 - Laravel Deserialization Remote Code Execution Vulnerability (CVE-2021-3129)
Web Server Apache
1011183* - Apache HTTP Server Server-Side Request Forgery Vulnerability (CVE-2021-40438)
Web Server Common
1011342 - Apache APISIX Remote Code Execution Vulnerability (CVE-2020-13945)
Web Server Miscellaneous
1011297* - Jenkins 'Badger' Plugin Cross-Site Scripting Vulnerability (CVE-2022-23108)
Webmin
1011338* - Webmin Improper Access Control Vulnerability (CVE-2022-0824)
Zoho ManageEngine
1011329* - Zoho ManageEngine OpManager SumPDU Multiple Java Deserialization Vulnerabilities (CVE-2020-28653 and CVE-2021-3287)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DNS Client
1010766* - Identified Non Existing DNS Resource Record (RR) Types In DNS Traffic
SSL Client Applications
1001113* - SSL/TLS Client (ATT&CK T1573.002, T1071.001)
SolarWinds Network Performance Monitor
1011271 - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 1
1011272 - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 2
Suspicious Server Application Activity
1003594* - Detected SSL/TLS Server Traffic (ATT&CK T1573.002, T1071.001)
Web Application PHP Based
1011319* - WordPress '404 to 301' Plugin Blind SQL Injection Vulnerability (CVE-2015-9323)
1011314* - WordPress 'Contact Form Check Tester' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24247)
1011305* - WordPress 'Domain Check' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24926)
1011337 - WordPress 'Download Monitor' Plugin Cross-Site Scripting Vulnerability (CVE-2021-23174)
1011335 - WordPress 'Mortgage-Calculators-Wp' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24904)
1011334 - WordPress 'Paid Memberships Pro' Plugin SQL Injection Vulnerability (CVE-2021-25114)
1011320 - WordPress 'Post Grid' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24488)
1011341 - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-0651)
1011324* - WordPress 'WP User Frontend' Plugin SQL Injection Vulnerability (CVE-2021-25076)
1011321 - WordPress 'WooCommerce Product Slider' Plugin Reflected Cross Site Vulnerability (CVE-2021-24300)
1011313* - WordPress 'secure-copy-content-protection' Plugin SQL Injection Vulnerability (CVE-2021-24931)
Web Application Ruby Based
1011332 - Grafana Authentication Bypass Vulnerability (CVE-2021-39226)
Web Client Common
1011133* - Microsoft Visual Studio Remote Code Execution Vulnerability (CVE-2021-36952)
Web Server HTTPS
1011336 - Identified Zabbix Frontend SAML SSO Authentication Request
Web Server Miscellaneous
1011297 - Jenkins 'Badger' Plugin Cross-Site Scripting Vulnerability (CVE-2022-23108)
Web Server Nagios
1011326* - Nagios XI AutoDiscovery Component Path Traversal Vulnerability (CVE-2021-37343)
Web Server SharePoint
1011318* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-42309)
Webmin
1011338 - Webmin Improper Access Control Vulnerability (CVE-2022-0824)
Zoho ManageEngine
1011327* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37926)
1011329 - Zoho ManageEngine OpManager SumPDU Multiple Java Deserialization Vulnerabilities (CVE-2020-28653 and CVE-2021-3287)
1011317* - Zoho ManageEngine ServiceDesk Plus Stored Cross-Site Scripting Vulnerability (CVE-2021-46065)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1002831* - Unix - Syslog
Deep Packet Inspection Rules:
DNS Client
1010766* - Identified Non Existing DNS Resource Record (RR) Types In DNS Traffic
SSL Client Applications
1001113* - SSL/TLS Client (ATT&CK T1573.002, T1071.001)
SolarWinds Network Performance Monitor
1011271 - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 1
1011272 - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 2
Suspicious Server Application Activity
1003594* - Detected SSL/TLS Server Traffic (ATT&CK T1573.002, T1071.001)
Web Application PHP Based
1011319* - WordPress '404 to 301' Plugin Blind SQL Injection Vulnerability (CVE-2015-9323)
1011314* - WordPress 'Contact Form Check Tester' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24247)
1011305* - WordPress 'Domain Check' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24926)
1011337 - WordPress 'Download Monitor' Plugin Cross-Site Scripting Vulnerability (CVE-2021-23174)
1011335 - WordPress 'Mortgage-Calculators-Wp' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24904)
1011334 - WordPress 'Paid Memberships Pro' Plugin SQL Injection Vulnerability (CVE-2021-25114)
1011320 - WordPress 'Post Grid' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24488)
1011341 - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-0651)
1011324* - WordPress 'WP User Frontend' Plugin SQL Injection Vulnerability (CVE-2021-25076)
1011321 - WordPress 'WooCommerce Product Slider' Plugin Reflected Cross Site Vulnerability (CVE-2021-24300)
1011313* - WordPress 'secure-copy-content-protection' Plugin SQL Injection Vulnerability (CVE-2021-24931)
Web Application Ruby Based
1011332 - Grafana Authentication Bypass Vulnerability (CVE-2021-39226)
Web Client Common
1011133* - Microsoft Visual Studio Remote Code Execution Vulnerability (CVE-2021-36952)
Web Server HTTPS
1011336 - Identified Zabbix Frontend SAML SSO Authentication Request
Web Server Miscellaneous
1011297 - Jenkins 'Badger' Plugin Cross-Site Scripting Vulnerability (CVE-2022-23108)
Web Server Nagios
1011326* - Nagios XI AutoDiscovery Component Path Traversal Vulnerability (CVE-2021-37343)
Web Server SharePoint
1011318* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-42309)
Webmin
1011338 - Webmin Improper Access Control Vulnerability (CVE-2022-0824)
Zoho ManageEngine
1011327* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37926)
1011329 - Zoho ManageEngine OpManager SumPDU Multiple Java Deserialization Vulnerabilities (CVE-2020-28653 and CVE-2021-3287)
1011317* - Zoho ManageEngine ServiceDesk Plus Stored Cross-Site Scripting Vulnerability (CVE-2021-46065)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1002831* - Unix - Syslog