DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

HP Intelligent Management Center (IMC)
1012208 - Apache OFBiz Remote Code Execution Vulnerability (CVE-2024-45195)


Ivanti Avalanche Remote Control Server
1012176 - Ivanti Avalanche Server-Side Request Forgery Vulnerability (CVE-2024-47008)


SolarWinds Access Rights Manager
1012195 - SolarWinds Access Rights Manager Directory Traversal Vulnerability (CVE-2024-23476)


Web Application PHP Based
1012193 - WordPress 'WP Brutal AI' Plugin SQL Injection Vulnerability (CVE-2023-2601)


Web Application Ruby Based
1012189 - Grafana 'duckdb' Remote Code Execution Vulnerability (CVE-2024-9264)


Web Server HTTPS
1012188 - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2024-6530)
1012139* - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-6672)


Web Server Miscellaneous
1011948* - Ivanti Avalanche Remote Code Execution Vulnerability (CVE-2023-46263 and CVE-2024-29848)
1012138* - XWiki Server-Side Template Injection Vulnerability (CVE-2024-37901)


Windows Server DCERPC
1012209 - Microsoft Windows Remote Desktop Licensing Service Denial of Service Vulnerability (CVE-2024-38071)


Zoho ManageEngine ADAuditPlus
1012164* - Zoho ManageEngine ADAudit Plus SQL Injection Vulnerability (CVE-2024-5467)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.