23-004 (January 24, 2023)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Atlassian Bitbucket
1011658 - Atlassian Bitbucket Server and Data Center Command Injection Vulnerability (CVE-2022-43781)


CentOS Web Panel
1011657* - CentOS Web Panel Remote Code Execution Vulnerability (CVE-2022-44877)


SAP NetWeaver Java Application Server
1011664 - SAP NetWeaver Unrestricted File Upload Vulnerability (CVE-2021-38163)


SNMP Server
1011647 - Net-SNMP NULL Pointer Dereference Vulnerability (CVE-2022-44792)


Web Application PHP Based
1011439* - WordPress 'Advanced Uploader' Plugin Arbitrary File Upload Vulnerability (CVE-2022-1103)


Web Server Miscellaneous
1011661 - XWiki Code Injection Vulnerability (CVE-2022-36098)


Zoho ManageEngine
1011653* - Zoho ManageEngine ADManager Plus Command Injection Vulnerability (CVE-2022-42904)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1011654* - Microsoft Windows - Unsecured LSA Buffer Admin Credential Dumping Vulnerability (CVE-2023-21726) (ATT&CK T1003, T1552.002)