23-052 (November 21, 2023)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Ivanti Avalanche
1011871* - Ivanti Avalanche XML External Entity Processing Vulnerability (CVE-2023-32567)


SolarWinds Information Service
1011901 - SolarWinds Network Configuration Manager Directory Traversal Vulnerability (CVE-2023-33226)


Web Server HTTPS
1011905 - Cachet Server-Side Template Injection Vulnerability (CVE-2023-43661)
1011908 - Identified Microsoft Exchange Server PowerShell Traffic
1011902 - SolarWinds Access Rights Manager Insecure Deserialization Vulnerability (CVE-2023-35184)


Web Server Miscellaneous
1011898 - Apache Superset Improper Input Validation Vulnerability (CVE-2023-39265)
1011906 - XWiki Change Request Extension Code Injection Vulnerability (CVE-2023-45138)
1011904 - XWiki Cross-Site Scripting Vulnerability (CVE-2023-40176)


Zoho ManageEngine AssetExplorer_SupportCenter Plus_ADManager Plus
1011879* - Zoho ManageEngine ADManager Plus Directory Traversal Vulnerability (CVE-2023-39912)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.