25-009 (March 4, 2025)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Ivanti Avalanche
1012296 - Ivanti Avalanche Path Traversal Vulnerability (CVE-2024-13179)


Ivanti Endpoint Manager
1012271* - Ivanti Endpoint Manager Multiple Denial Of Service Vulnerabilities
1012278 - Ivanti Endpoint Manager Multiple Denial Of Service Vulnerabilities (CVE-2024-13170 and CVE-2024-13167)
1012253 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32848)


JetBrains TeamCity
1012297 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2025-24459)


Solr Service
1012291* - Apache Solr Directory Traversal Vulnerability (CVE-2024-52012)


Web Application PHP Based
1012097* - LibreNMS SQL Injection Vulnerability (CVE-2024-32461)
1012301 - WordPress 'Quiz Maker' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2023-2571)
1012226 - WordPress 'wpForo' Plugin Local File Inclusion Vulnerability (CVE-2023-2249)


Web Client Common
1008828* - Speculative Execution Information Disclosure Vulnerabilities (Spectre)


Web Server HTTPS
1012284 - Apache Traffic Control SQL Injection Vulnerability (CVE-2024-45387)


Web Server Miscellaneous
1012303 - XWiki Code Injection Vulnerability (CVE-2025-24893)


Windows Server DCERPC
1012209* - Microsoft Windows Remote Desktop Licensing Service Denial of Service Vulnerability (CVE-2024-38071)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.