24-007 (February 6, 2024)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

HP Intelligent Management Center (IMC)
1011941 - Apache OFBiz Insecure Deserialization Vulnerability (CVE-2023-49070)


Ivanti Avalanche
1011955 - Ivanti Avalanche XML External Entity Information Disclosure Vulnerability (CVE-2023-46265)


Jenkins Remoting
1011966 - Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897)


Trend Micro Mobile Security Server
1011957* - Trend Micro Mobile Security Server Cross-Site Scripting Vulnerability (CVE-2023-41176)
1011964 - Trend Micro Mobile Security Server Cross-Site Scripting Vulnerability (CVE-2023-41177)
1011963 - Trend Micro Mobile Security Server Cross-Site Scripting Vulnerability (CVE-2023-41178)


Web Server HTTPS
1011967 - Trend Micro Apex Central File Upload Vulnerability (CVE-2023-52324)


Web Server Miscellaneous
1011954* - Atlassian Confluence Data Center and Server Template Injection Vulnerability (CVE-2023-22527)
1011961 - Paessler PRTG Network Monitor Cross-Site Scripting Vulnerability (CVE-2023-51630)


Zoho ManageEngine
1011965 - Zoho ManageEngine Multiple Products Directory Traversal Vulnerability (CVE-2023-47211)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.