23-051 (November 14, 2023)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

ActiveMQ OpenWire
1011897 - Apache ActiveMQ Deserialization of Untrusted Data Vulnerability (CVE-2023-46604)


CentOS Web Panel
1011900 - Control Web Panel Command Injection Remote Code Execution Vulnerability (CVE-2023-42120)
1011887* - Control Web Panel Command Injection Remote Code Execution Vulnerability (CVE-2023-42123)


JetBrains TeamCity
1011877* - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2023-41249)


SolarWinds Information Service
1011872* - SolarWinds Orion Platform Incorrect Comparison Vulnerability (CVE-2023-23840)


Web Application PHP Based
1011866 - LibreNMS Cross-Site Scripting Vulnerability (CVE-2023-4347)


Web Server HTTPS
1011881 - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2023-2164)
1011886 - Qlik Sense Enterprise HTTP Request Smuggling Vulnerability (CVE-2023-41265)


Web Server Miscellaneous
1011759* - Ivanti Avalanche Multiple Arbitrary File Upload Vulnerabilities


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.