24-028 (June 11, 2024)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Ivanti Avalanche
1012053 - Ivanti Avalanche Directory Traversal Vulnerability (CVE-2024-24994)


Parse Server
1012057 - Parse Server SQL Injection Vulnerability (CVE-2024-27298)


Progress Telerik Reporting
1012042 - Progress Telerik Report Server Insecure Deserialization Vulnerability (CVE-2024-1800)


Unix Samba
1011786* - Canonical KSMBD-Tools Remote Code Execution Vulnerability (ZDI-CAN-17770)
1011930* - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2023-32252)
1011717* - Linux Kernel KSMBD Use After Free Vulnerability (CVE-2022-47939)


Web Application PHP Based
1012066 - PHP-CGI Command Injection Vulnerability (CVE-2024-4577)
1011862* - WordPress 'Ultimate Member' Plugin Privilege Escalation Vulnerability (CVE-2023-3460)


Web Server Adobe ColdFusion
1011885* - Adobe ColdFusion Improper Access Control Vulnerability (CVE-2023-38205)


Web Server HTTPS
1012058 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-29846)


Web Server Miscellaneous
1011948* - Ivanti Avalanche Remote Code Execution Vulnerability (CVE-2023-46263 and CVE-2024-29848)
1012047 - XWiki Code Injection Vulnerability (CVE-2024-31997)


Web Server SharePoint
1011807* - Microsoft SharePoint Information Disclosure Vulnerability (CVE-2023-24954)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1008670* - Microsoft Windows Security Events - 3