ruleUpdate
23-024 (06 de czerwca de 2023)
Publish Date: 06 de czerwca de 2023
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1001852* - Identified Attempt To Brute Force Windows Login Credentials (ATT&CK T1110)
GoCD Server
1011758 - GoCD Server Directory Traversal Vulnerability (CVE-2021-43287)
MSMQ Service
1011764 - Microsoft Windows Message Queuing Service Remote Code Execution Vulnerability (CVE-2023-21554)
Web Application Common
1011774 - MOVEit Transfer SQL Injection Vulnerability (CVE-2023-34362)
Web Application PHP Based
1011772 - Pimcore SQL Injection Vulnerability (CVE-2023-1578)
Web Application Tomcat
1011322* - Laravel Deserialization Remote Code Execution Vulnerability (CVE-2021-3129)
Web Server Common
1011342* - Apache APISIX Remote Code Execution Vulnerability (CVE-2020-13945)
Web Server HTTPS
1011768 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32531)
1011766 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32532)
1011767 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32533)
Web Server Miscellaneous
1011739 - GitLab Cross-Site Scripting Vulnerability (CVE-2023-0050)
1011760 - XWiki Remote Code Execution Vulnerability (CVE-2023-29509)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services
1001852* - Identified Attempt To Brute Force Windows Login Credentials (ATT&CK T1110)
GoCD Server
1011758 - GoCD Server Directory Traversal Vulnerability (CVE-2021-43287)
MSMQ Service
1011764 - Microsoft Windows Message Queuing Service Remote Code Execution Vulnerability (CVE-2023-21554)
Web Application Common
1011774 - MOVEit Transfer SQL Injection Vulnerability (CVE-2023-34362)
Web Application PHP Based
1011772 - Pimcore SQL Injection Vulnerability (CVE-2023-1578)
Web Application Tomcat
1011322* - Laravel Deserialization Remote Code Execution Vulnerability (CVE-2021-3129)
Web Server Common
1011342* - Apache APISIX Remote Code Execution Vulnerability (CVE-2020-13945)
Web Server HTTPS
1011768 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32531)
1011766 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32532)
1011767 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32533)
Web Server Miscellaneous
1011739 - GitLab Cross-Site Scripting Vulnerability (CVE-2023-0050)
1011760 - XWiki Remote Code Execution Vulnerability (CVE-2023-29509)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.