22-001 (January 4, 2022)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Web Application Common
1011259 - Dolibarr ERP And CRM Command Injection Vulnerability (CVE-2021-33816)
1011258 - Dolibarr ERP And CRM Stored Cross-Site Scripting Vulnerability (CVE-2021-33618)


Web Application PHP Based
1011252 - WordPress 'Catch Themes Demo Import' Plugin Remote Code Execution Vulnerability (CVE-2021-39352)


Web Server Common
1011245 - Apache APISIX 'uri-block' Plugin Path Traversal Vulnerability (CVE-2021-43557)
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228 and CVE-2021-45046)


Web Server Miscellaneous
1011256 - Jenkins 'Artifact Repository Parameter' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21622)


Web Server Oracle
1008317* - Oracle WebLogic JBoss Interceptors Deserialization Of Untrusted Data Vulnerability (CVE-2016-3510)


Zoho ManageEngine
1011257 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37921)
1011255 - Zoho ManageEngine ServiceDesk Plus Authentication Bypass Vulnerability (CVE-2021-37415)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1008670* - Microsoft Windows Security Events - 3