24-058 (December 17, 2024)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Advanced Message Queuing Protocol (AMQP)
1012050* - SolarWinds Access Rights Manager Remote Code Execution Vulnerability (CVE-2023-40057 & CVE-2024-28075)


Arcserve Unified Data Protection
1012077* - Arcserve Unified Data Protection Remote Code Execution Vulnerability (CVE-2023-26258)


Cleo
1012234 - Cleo Multiple Products Remote Code Execution Vulnerability (CVE-2024-50623)


DHCP Failover Protocol Server
1012136* - Microsoft Windows DHCP Server Denial of Service Vulnerability (CVE-2024-30070)


HP AutoPass License Server
1012228 - HPE AutoPass License Server Authentication Bypass Vulnerability (CVE-2024-51767)


Ivanti Endpoint Manager
1012149* - Ivanti Endpoint Manager Multiple SQL Injection Vulnerabilities - 1
1012211* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32839)


Web Application PHP Based
1012194 - WordPress 'WP Brutal AI' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2023-2606)


Web Server Apache
1012168* - Apache Httpd Server-Side Request Forgery Vulnerability (CVE-2024-38472)


Web Server HTTPS
1012105* - GitLab Regular Expression Denial Of Service Vulnerability (CVE-2024-2878)
1012094* - Progress WhatsUp Gold Server-Side Request Forgery Vulnerability (CVE-2024-5015)
1011902* - SolarWinds Access Rights Manager Insecure Deserialization Vulnerability (CVE-2023-35184 and CVE-2024-23478)
1012224 - WordPress 'Really Simple Security' Plugin Authentication Bypass Vulnerability (CVE-2024-10924)
1012221 - Zimbra Collaboration Reflected Cross-Site Scripting Vulnerability (CVE-2024-50599)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.