21-046 (October 19, 2021)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Memcached
1011097 - Oracle MySQL Integer Underflow Vulnerability (CVE-2021-2389)


Microsoft Office
1011181 - Microsoft Office Visio Remote Code Execution Vulnerability (CVE-2021-40480)
1011182 - Microsoft Office Visio Remote Code Execution Vulnerability (CVE-2021-40481)
1011184 - Microsoft Word Remote Code Execution Vulnerability (CVE-2021-40486)


Web Application Common
1011173* - WordPress 'Redirect 404 To Parent' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24286)
1011174* - WordPress 'Select All Categories and Taxonomies' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24287)


Web Client Common
1011175 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB21-104) - 1
1011176 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2021-40730)


Web Server Apache
1011183 - Apache HTTP Server Server-Side Request Forgery Vulnerability (CVE-2021-40438)


Web Server HTTPS
1011172* - WordPress 'TranslatePress' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24610)


Web Server Miscellaneous
1011177 - Atlassian Confluence Server Arbitrary File Read Vulnerability (CVE-2021-26085)
1011179 - Atlassian Jira Path Traversal Vulnerability (CVE-2021-26086)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1002828* - Application - Secure Shell Daemon (SSHD)
1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)
1004057* - Microsoft Windows Security Events - 1