ruleUpdate
23-039 (12 de września de 2023)
Publish Date: 12 de września de 2023
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
IPSec-IKE
1011801* - Microsoft Windows Internet Key Exchange (IKE) Protocol Extensions Denial Of Service Vulnerability (CVE-2023-21758)
SNMP Server
1011647* - Net-SNMP NULL Pointer Dereference Vulnerability (CVE-2022-44792)
SolarWinds Orion Platform
1011851 - SolarWinds Orion Platform Incorrect Comparison Vulnerability (CVE-2023-23843)
Web Application PHP Based
1011845 - GLPI SQL Injection Vulnerability (CVE-2023-36808)
1011826* - Roundcube Webmail Command Injection Vulnerability (CVE-2020-12641)
Web Client Common
1011852 - Foxit PDF Reader and Editor Out-Of-Bounds Read Remote Code Execution Vulnerability (CVE-2023-38119)
Web Server Common
1011791* - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2022-48343)
Web Server HTTPS
1011794* - Contec CONPROSYS HMI System SQL Injection Vulnerability (CVE-2023-29154)
Web Server Miscellaneous
1011759* - Ivanti Avalanche Arbitrary File Upload Vulnerability (CVE-2023-28128)
Zoho ManageEngine ADSelfService Plus
1011793* - Zoho ManageEngine ADSelfService Plus Denial Of Service Vulnerability (CVE-2023-28342)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1004488* - Database Server - Microsoft SQL
Deep Packet Inspection Rules:
IPSec-IKE
1011801* - Microsoft Windows Internet Key Exchange (IKE) Protocol Extensions Denial Of Service Vulnerability (CVE-2023-21758)
SNMP Server
1011647* - Net-SNMP NULL Pointer Dereference Vulnerability (CVE-2022-44792)
SolarWinds Orion Platform
1011851 - SolarWinds Orion Platform Incorrect Comparison Vulnerability (CVE-2023-23843)
Web Application PHP Based
1011845 - GLPI SQL Injection Vulnerability (CVE-2023-36808)
1011826* - Roundcube Webmail Command Injection Vulnerability (CVE-2020-12641)
Web Client Common
1011852 - Foxit PDF Reader and Editor Out-Of-Bounds Read Remote Code Execution Vulnerability (CVE-2023-38119)
Web Server Common
1011791* - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2022-48343)
Web Server HTTPS
1011794* - Contec CONPROSYS HMI System SQL Injection Vulnerability (CVE-2023-29154)
Web Server Miscellaneous
1011759* - Ivanti Avalanche Arbitrary File Upload Vulnerability (CVE-2023-28128)
Zoho ManageEngine ADSelfService Plus
1011793* - Zoho ManageEngine ADSelfService Plus Denial Of Service Vulnerability (CVE-2023-28342)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1004488* - Database Server - Microsoft SQL