Rule Update

24-056 (December 3, 2024)

Publish date: December 03, 2024

DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

HP Intelligent Management Center (IMC)
1012120* - Apache OFBiz Authentication Bypass Vulnerability (CVE-2024-38856)

IBM WebSphere Application Server
1009803* - IBM Websphere Application Server Remote Code Execution Vulnerability (CVE-2019-4279)

Ivanti Avalanche
1012203 - Ivanti Avalanche Directory Traversal Vulnerability (CVE-2024-23535)
1012053* - Ivanti Avalanche Multiple Vulnerabilities
1012217 - Ivanti Avalanche Remote Code Execution Vulnerability (CVE-2024-23534)
1012200 - Ivanti Avalanche XML External Entity Processing Vulnerability (CVE-2024-38653)

Ivanti Endpoint Manager
1012211 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32839)
1012204 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-50328)

Kubernetes API Server
1012165* - Kubernetes Ingress-Nginx Code Injection Vulnerability (CVE-2023-5044)

Mail Server Common
1012173 - Roundcube Webmail Stored Cross-Site Scripting Vulnerability (CVE-2024-42009)

Progress WhatsUp Gold WCF service
1012123* - Progress WhatsUp Gold Information Disclosure Vulnerability (CVE-2024-5015)

Unix Samba
1012198 - Linux Kernel KSMBD Information Disclosure Vulnerability (CVE-2023-4458)

Web Server Apache
1012166* - Apache Httpd 'mod_cgi Handler' Improper Input Validation Vulnerability (CVE-2024-38476)

Web Server HTTPS
1012218 - Centreon SQL Injection Vulnerability (CVE-2024-39841)
1012170* - Centreon SQL Injection Vulnerability (CVE-2024-39842 and CVE-2024-39843)
1012197 - Centreon SQL Injection Vulnerability (CVE-2024-5725)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

See all Security Updates

Featured Stories

$The Mirage of AI Programming: Hallucinations and Code Integrity$
The Mirage of AI Programming: Hallucinations and Code Integrity
The adoption of large language models (LLMs) and Generative Pre-trained Transformers (GPTs), such as ChatGPT, by leading firms like Microsoft, Nuance, Mix and Google CCAI Insights, drives the industry towards a series of transformative changes. As the use of these new technologies becomes prevalent, it is important to understand their key behavior, advantages, and the risks they present.
Read more
$Open Ran Attack of xApps$
Open RAN: Attack of the xApps
This article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handling
Read more
$A Closer Exploration of Residential Proxies and CAPTCHA-Breaking Services$
A Closer Exploration of Residential Proxies and CAPTCHA-Breaking Services
This article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.
Read more
$How Residential Proxies and CAPTCHA-Solving Services Become Agents of Abuse$
How Residential Proxies and CAPTCHA-Solving Services Become Agents of Abuse
This article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.
Read more

24-056 (December 3, 2024)

DESCRIPTION

Featured Stories

Resources

Support

About Trend

Country Headquarters