Rule Update
24-014 (March 12, 2024)
Publish date: March 12, 2024
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1011940* - Apache OFBiz Authentication Bypass Vulnerability (CVE-2023-51467)
1011990 - Apache OFBiz Information Disclosure Vulnerability (CVE-2024-23946)
SolarWinds Information Service
1011921* - SolarWinds Network Configuration Manager Remote Code Execution Vulnerability (CVE-2023-33227)
Web Application Common
1000608* - Generic SQL Injection Prevention
Web Application PHP Based
1011993 - LibreNMS SQL Injection Vulnerability (CVE-2023-5591)
1011992 - WordPress 'Paid Memberships Pro' Plugin Arbitrary File Upload Vulnerability (CVE-2023-6187)
Web Application Tomcat
1003094* - Identified runtime.getRuntime().exec() In HTTP Request
Web Proxy Squid
1011997 - Squid Proxy Denial Of Service Vulnerability (CVE-2023-49285) - Client
Web Server HTTPS
1011902* - SolarWinds Access Rights Manager Insecure Deserialization Vulnerability (CVE-2023-35184)
Web Server Miscellaneous
1011994 - Graylog Open Insecure Deserialization Vulnerability (CVE-2024-24824)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1011940* - Apache OFBiz Authentication Bypass Vulnerability (CVE-2023-51467)
1011990 - Apache OFBiz Information Disclosure Vulnerability (CVE-2024-23946)
SolarWinds Information Service
1011921* - SolarWinds Network Configuration Manager Remote Code Execution Vulnerability (CVE-2023-33227)
Web Application Common
1000608* - Generic SQL Injection Prevention
Web Application PHP Based
1011993 - LibreNMS SQL Injection Vulnerability (CVE-2023-5591)
1011992 - WordPress 'Paid Memberships Pro' Plugin Arbitrary File Upload Vulnerability (CVE-2023-6187)
Web Application Tomcat
1003094* - Identified runtime.getRuntime().exec() In HTTP Request
Web Proxy Squid
1011997 - Squid Proxy Denial Of Service Vulnerability (CVE-2023-49285) - Client
Web Server HTTPS
1011902* - SolarWinds Access Rights Manager Insecure Deserialization Vulnerability (CVE-2023-35184)
Web Server Miscellaneous
1011994 - Graylog Open Insecure Deserialization Vulnerability (CVE-2024-24824)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Featured Stories
- Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more
- A Closer Exploration of Residential Proxies and CAPTCHA-Breaking ServicesThis article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.Read more
- How Residential Proxies and CAPTCHA-Solving Services Become Agents of AbuseThis article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.Read more
- Abusing Argo CD, Helm, and Artifact Hub: An Analysis of Supply Chain Attacks in Cloud-Native ApplicationsWe provide an overview of cloud-native tools and examine how cybercriminals can exploit their vulnerabilities to launch supply chain attacks.Read more