25-007 (February 18, 2025)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Directory Client LDAP TCP
1012276 - Microsoft Windows LDAP Integer Overflow Vulnerability (CVE-2024-49112)


Microsoft Configuration Manager
1012289 - Microsoft Configuration Manager SQL Injection Vulnerability (CVE-2024-43468)


Progress WhatsUp Gold
1012287 - Progress WhatsUp Gold Directory Traversal Vulnerability (CVE-2024-12105)


Web Application PHP Based
1012265 - WordPress 'White Label MS' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0422)


Web Client Common
1012282 - Microsoft Windows Themes Spoofing Vulnerability (CVE-2025-21308)


Web Server Miscellaneous
1012248 - Jenkins 'Simple Queue' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2024-54003)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.