24-040 (August 27, 2024)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

MLflow
1012096 - MLflow Path Traversal Vulnerability (CVE-2023-6909)


Progress WhatsUp Gold WCF service
1012123 - Progress WhatsUp Gold Information Disclosure Vulnerability (CVE-2024-5015)


Web Client Common
1012114 - Microsoft Windows Themes Spoofing Vulnerability (CVE-2024-38030)


Web Server HTTPS
1012083* - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2023-6371)
1012100* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-29823)
1012116 - Progress WhatsUp Gold Remote Code Execution Vulnerability (CVE-2024-5008)
1012118 - Progress WhatsUp Gold Unrestricted File Upload Vulnerability (CVE-2024-4884)


Web Server Miscellaneous
1012047* - XWiki Code Injection Vulnerability (CVE-2024-31997)
1012132 - XWiki Cross-Site Scripting Vulnerability (CVE-2024-37900)


Web Server SharePoint BDC
1012135 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2024-38024)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.