Rule Update

24-052 (November 5, 2024)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

HP Intelligent Management Center (IMC)
1012120* - Apache OFBiz Authentication Bypass Vulnerability (CVE-2024-38856)


Ivanti Endpoint Manager
1012154* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32842)
1012155* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32845)


JetBrains TeamCity
1012181 - JetBrains TeamCity Directory Traversal Vulnerability (CVE-2024-47949)


MLflow
1012096* - MLflow Path Traversal Vulnerability (CVE-2023-6909)


Web Application PHP Based
1012175 - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2024-47525)
1012157 - SPIP 'BigUp' Plugin Remote Code Execution Vulnerability (CVE-2024-8517)


Web Server Adobe ColdFusion
1012140* - Adobe ColdFusion Deserialization Of Untrusted Data Vulnerability (CVE-2024-41874)


Web Server HTTPS
1012119* - Progress WhatsUp Gold Denial Of Service Vulnerability (CVE-2024-5011)
1012118* - Progress WhatsUp Gold Unrestricted File Upload Vulnerability (CVE-2024-4884)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)