Rule Update
22-003 (January 18, 2022)
Publish date: January 18, 2022
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Mail Server Common
1010001* - Dovecot And Pigeonhole Remote Code Execution Vulnerability (CVE-2019-11500)
Web Application PHP Based
1011278 - October CMS Security Bypass Vulnerability (CVE-2021-32648)
Web Application Ruby Based
1011231* - Grafana Cross Site Scripting Vulnerability (CVE-2021-41174)
Web Client Common
1011276 - Adobe Acrobat And Reader Improper Access Control Vulnerability (CVE-2021-44702)
1011275 - Adobe Acrobat And Reader Improper Input Validation Vulnerability (CVE-2021-44739)
1011277 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB22-01)
Web Server Apache
1011183* - Apache HTTP Server Server-Side Request Forgery Vulnerability (CVE-2021-40438)
Web Server Common
1011249* - Apache Log4j Denial of Service Vulnerability (CVE-2021-45105)
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1011270 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) - 1
1011274 - Microsoft Windows HTTP Protocol Stack Remote Code Execution Vulnerability (CVE-2022-21907)
1011262 - SuiteCRM Remote Code Execution Vulnerability (CVE-2021-42840)
Web Server HTTPS
1011247 - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2021-22238)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011273 - Microsoft Windows Firewall Events
1011250* - Web Server - Apache - 2
Deep Packet Inspection Rules:
Mail Server Common
1010001* - Dovecot And Pigeonhole Remote Code Execution Vulnerability (CVE-2019-11500)
Web Application PHP Based
1011278 - October CMS Security Bypass Vulnerability (CVE-2021-32648)
Web Application Ruby Based
1011231* - Grafana Cross Site Scripting Vulnerability (CVE-2021-41174)
Web Client Common
1011276 - Adobe Acrobat And Reader Improper Access Control Vulnerability (CVE-2021-44702)
1011275 - Adobe Acrobat And Reader Improper Input Validation Vulnerability (CVE-2021-44739)
1011277 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB22-01)
Web Server Apache
1011183* - Apache HTTP Server Server-Side Request Forgery Vulnerability (CVE-2021-40438)
Web Server Common
1011249* - Apache Log4j Denial of Service Vulnerability (CVE-2021-45105)
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1011270 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) - 1
1011274 - Microsoft Windows HTTP Protocol Stack Remote Code Execution Vulnerability (CVE-2022-21907)
1011262 - SuiteCRM Remote Code Execution Vulnerability (CVE-2021-42840)
Web Server HTTPS
1011247 - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2021-22238)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011273 - Microsoft Windows Firewall Events
1011250* - Web Server - Apache - 2
Featured Stories
- Kong API Gateway Misconfigurations: An API Gateway Security Case StudyTools that aggregate access into multiple different environments, such as API gateways, pose a security risk for all these environments upon breach. In this article, we continue our journey through the security issues of the API Gateway landscape. Our new research focuses on another popular API gateway — Kong.Read more
- Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more
- A Closer Exploration of Residential Proxies and CAPTCHA-Breaking ServicesThis article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.Read more
- How Residential Proxies and CAPTCHA-Solving Services Become Agents of AbuseThis article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.Read more