24-039 (August 20, 2024)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

HP Intelligent Management Center (IMC)
1012103 - Apache OFBiz Directory Traversal Vulnerability (CVE-2024-32113 and CVE-2024-36104)


PaperCut
1012082* - PaperCut NG and MF Remote Code Execution Vulnerability (CVE-2024-1882)


Progress WhatsUp Gold WCF service
1012117 - Progress WhatsUp Gold Directory Traversal Vulnerability (CVE-2024-4883)


SolarWinds Dameware Web Help Desk
1012127* - SolarWinds Dameware Web Help Desk Deserialization Remote Code Execution Vulnerability (CVE-2024-28986)


Web Application Common
1012110 - GeoServer Remote Code Execution Vulnerability (CVE-2024-36401)
1011998* - Kafka UI Remote Code Execution Vulnerability (CVE-2023-52251)


Web Application PHP Based
1012121 - LibreNMS SQL Injection Vulnerability (CVE-2024-32480)
1012125 - OpenCart Directory Traversal Vulnerability (CVE-2024-21518)
1012126 - WordPress 'SEO' Plugin SQL Injection Vulnerability (CVE-2024-6497)


Web Server HTTPS
1012089* - GitLab Regular Expression Denial of Service Vulnerability (CVE-2024-2829)
1012088* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-29826)
1012084* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-29830)


Web Server Miscellaneous
1012043* - XWiki Code Injection Vulnerability (CVE-2024-31984)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.