23-024 (June 6, 2023)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1001852* - Identified Attempt To Brute Force Windows Login Credentials (ATT&CK T1110)


GoCD Server
1011758 - GoCD Server Directory Traversal Vulnerability (CVE-2021-43287)


MSMQ Service
1011764 - Microsoft Windows Message Queuing Service Remote Code Execution Vulnerability (CVE-2023-21554)


Web Application Common
1011774 - MOVEit Transfer SQL Injection Vulnerability (CVE-2023-34362)


Web Application PHP Based
1011772 - Pimcore SQL Injection Vulnerability (CVE-2023-1578)


Web Application Tomcat
1011322* - Laravel Deserialization Remote Code Execution Vulnerability (CVE-2021-3129)


Web Server Common
1011342* - Apache APISIX Remote Code Execution Vulnerability (CVE-2020-13945)


Web Server HTTPS
1011768 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32531)
1011766 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32532)
1011767 - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32533)


Web Server Miscellaneous
1011739 - GitLab Cross-Site Scripting Vulnerability (CVE-2023-0050)
1011760 - XWiki Remote Code Execution Vulnerability (CVE-2023-29509)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.