23-013 (March 28, 2023)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Advanced Message Queuing Protocol (AMQP)
1011704 - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-47503)


HP Intelligent Management Center (IMC)
1011687 - HPE Intelligent Management Center 'getAddFormBean' Remote Code Execution Vulnerability (CVE-2019-5352)
1011688 - HPE Intelligent Management Center 'getInsListBean' Remote Code Execution Vulnerability (CVE-2019-5354)


Oracle E-Business Suite Web Interface
1011709 - Oracle E-Business Suite Web Applications Desktop Integrator Directory Traversal Vulnerability (CVE-2022-39428)


SolarWinds Information Service
1011586* - SolarWinds Network Performance Monitor 'DeserializeFromStrippedXml' Insecure Deserialization Vulnerability (CVE-2022-36958)


Web Application PHP Based
1011702 - Froxlor Arbitrary File Overwrite Vulnerability (CVE-2023-0315)


Web Application Ruby Based
1011705 - Grafana Stored Cross-Site Scripting Vulnerability (CVE-2023-0507)


Web Client Common
1011710 - Foxit PDF Reader And Editor Use After Free Vulnerability (CVE-2023-27329)
1011711 - Foxit PDF Reader And Editor Use After Free Vulnerability (CVE-2023-27331)


Web Server Miscellaneous
1011713 - XWiki Code Injection Vulnerability (CVE-2023-26475)


Zabbix Server
1011698 - Zabbix Server Arbitrary File Read Vulnerability (CVE-2022-46768)


dotCMS
1011460* - dotCMS Directory Traversal Vulnerability (CVE-2022-26352)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.