Deep Security Center
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Apache Spark
1011499* - Apache Spark Command Injection Vulnerability (CVE-2022-33891)
Directory Server LDAP
1011531 - Microsoft Windows Active Directory Certificate Services Privilege Escalation Vulnerability (CVE-2022-34691)
1011246* - Microsoft Windows Active Directory Domain Services Elevation of Privilege Vulnerability Over LDAP (CVE-2021-42278)
Web Application Common
1011364* - Dolibarr ERP And CRM Code Injection Vulnerability (CVE-2022-0819)
Web Server HTTPS
1011525* - Zimbra Collaboration Cross-Site Scripting Vulnerability (CVE-2022-24682) - Server
Zoho ManageEngine
1011527* - Zoho ManageEngine Multiple Products 'getDNSResolveOption' Command Injection Vulnerability (CVE-2022-37024)
1011526* - Zoho ManageEngine Multiple Products 'getNmapInitialOption' Command Injection Vulnerability (CVE-2022-38772)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011241* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1011453* - Microsoft Windows WMI Events - 1
Deep Packet Inspection Rules:
Apache Spark
1011499* - Apache Spark Command Injection Vulnerability (CVE-2022-33891)
Directory Server LDAP
1011531 - Microsoft Windows Active Directory Certificate Services Privilege Escalation Vulnerability (CVE-2022-34691)
1011246* - Microsoft Windows Active Directory Domain Services Elevation of Privilege Vulnerability Over LDAP (CVE-2021-42278)
Web Application Common
1011364* - Dolibarr ERP And CRM Code Injection Vulnerability (CVE-2022-0819)
Web Server HTTPS
1011525* - Zimbra Collaboration Cross-Site Scripting Vulnerability (CVE-2022-24682) - Server
Zoho ManageEngine
1011527* - Zoho ManageEngine Multiple Products 'getDNSResolveOption' Command Injection Vulnerability (CVE-2022-37024)
1011526* - Zoho ManageEngine Multiple Products 'getNmapInitialOption' Command Injection Vulnerability (CVE-2022-38772)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011241* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1011453* - Microsoft Windows WMI Events - 1
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services - Client
1011517 - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (DogWalk) Over SMB (CVE-2022-34713)
DNS Client
1011523 - Identified Usage of dnscat2 Tool
Web Application PHP Based
1011528 - WordPress 'Simple File List' Plugin Directory Traversal Vulnerability (CVE-2022-1119)
Web Client Common
1011350* - Zimbra Collaboration Cross-Site Scripting Vulnerability (CVE-2022-24682) - Client
Web Server HTTPS
1011525 - Zimbra Collaboration Cross-Site Scripting Vulnerability (CVE-2022-24682) - Server
Web Server IIS
1003671* - Microsoft ASP.NET Remote Unauthenticated Denial Of Service Vulnerability (CVE-2009-1536)
Web Server Miscellaneous
1011521* - Atlassian Jira Server and Data Center Reflected Cross Site Scripting Vulnerability (CVE-2022-36801)
Webmin
1011520* - Webmin Remote Code Execution Vulnerability (CVE-2022-36446)
Zimbra Proxy
1011514* - Zimbra Collaboration CRLF Injection Vulnerability (CVE-2022-27924)
Zoho ManageEngine
1011527 - Zoho ManageEngine Multiple Products 'getDNSResolveOption' Command Injection Vulnerability (CVE-2022-37024)
1011526 - Zoho ManageEngine Multiple Products 'getNmapInitialOption' Command Injection Vulnerability (CVE-2022-38772)
1011522* - Zoho ManageEngine Multiple Products 'getUserAPIKey' Authentication Bypass Vulnerability (CVE-2022-36923)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)
Deep Packet Inspection Rules:
DCERPC Services - Client
1011517 - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (DogWalk) Over SMB (CVE-2022-34713)
DNS Client
1011523 - Identified Usage of dnscat2 Tool
Web Application PHP Based
1011528 - WordPress 'Simple File List' Plugin Directory Traversal Vulnerability (CVE-2022-1119)
Web Client Common
1011350* - Zimbra Collaboration Cross-Site Scripting Vulnerability (CVE-2022-24682) - Client
Web Server HTTPS
1011525 - Zimbra Collaboration Cross-Site Scripting Vulnerability (CVE-2022-24682) - Server
Web Server IIS
1003671* - Microsoft ASP.NET Remote Unauthenticated Denial Of Service Vulnerability (CVE-2009-1536)
Web Server Miscellaneous
1011521* - Atlassian Jira Server and Data Center Reflected Cross Site Scripting Vulnerability (CVE-2022-36801)
Webmin
1011520* - Webmin Remote Code Execution Vulnerability (CVE-2022-36446)
Zimbra Proxy
1011514* - Zimbra Collaboration CRLF Injection Vulnerability (CVE-2022-27924)
Zoho ManageEngine
1011527 - Zoho ManageEngine Multiple Products 'getDNSResolveOption' Command Injection Vulnerability (CVE-2022-37024)
1011526 - Zoho ManageEngine Multiple Products 'getNmapInitialOption' Command Injection Vulnerability (CVE-2022-38772)
1011522* - Zoho ManageEngine Multiple Products 'getUserAPIKey' Authentication Bypass Vulnerability (CVE-2022-36923)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Oracle E-Business Suite Web Interface
1011516* - Oracle E-Business Suite Unauthorized Access Vulnerability (CVE-2022-21500)
Web Client Common
1011350 - Zimbra Collaboration Cross-site Scripting Vulnerability (CVE-2022-24682)
Web Server Common
1011510* - Pandora FMS Authenticated Remote Code Execution Vulnerability (CVE-2020-5844)
Web Server IIS
1006434* - Microsoft IIS Directory Traversal Vulnerability
1000101* - Microsoft IIS Malformed HTTP Request DoS Vulnerability
Web Server Miscellaneous
1011521 - Atlassian Jira Server and Data Center Reflected Cross Site Scripting Vulnerability (CVE-2022-36801)
Webmin
1011520 - Webmin Remote Code Execution Vulnerability (CVE-2022-36446)
Zimbra Proxy
1011514 - Zimbra Collaboration CRLF Injection Vulnerability (CVE-2022-27924)
Zoho ManageEngine
1011522 - Zoho ManageEngine Multiple Products 'getUserAPIKey' Authentication Bypass Vulnerability (CVE-2022-36923)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Oracle E-Business Suite Web Interface
1011516* - Oracle E-Business Suite Unauthorized Access Vulnerability (CVE-2022-21500)
Web Client Common
1011350 - Zimbra Collaboration Cross-site Scripting Vulnerability (CVE-2022-24682)
Web Server Common
1011510* - Pandora FMS Authenticated Remote Code Execution Vulnerability (CVE-2020-5844)
Web Server IIS
1006434* - Microsoft IIS Directory Traversal Vulnerability
1000101* - Microsoft IIS Malformed HTTP Request DoS Vulnerability
Web Server Miscellaneous
1011521 - Atlassian Jira Server and Data Center Reflected Cross Site Scripting Vulnerability (CVE-2022-36801)
Webmin
1011520 - Webmin Remote Code Execution Vulnerability (CVE-2022-36446)
Zimbra Proxy
1011514 - Zimbra Collaboration CRLF Injection Vulnerability (CVE-2022-27924)
Zoho ManageEngine
1011522 - Zoho ManageEngine Multiple Products 'getUserAPIKey' Authentication Bypass Vulnerability (CVE-2022-36923)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Oracle E-Business Suite Web Interface
1011516 - Oracle E-Business Suite Unauthorized Access Vulnerability (CVE-2022-21500)
Remote Desktop Protocol Server
1003716* - Identified Too Many Remote Desktop Protocol (RDP) Connection Request
Unix SSH
1011515 - Detected SSH Client Traffic - 1
Web Application Ruby Based
1011509* - Grafana Stored Cross-Site Scripting Vulnerability (CVE-2022-31097)
Web Application Tomcat
1003954* - Apache Tomcat Directory Traversal Weakness
Web Client Common
1011518 - Foxit PDF Reader And Editor Multiple Security Vulnerabilities
Web Server HTTPS
1011519 - Node.js HTTP Request Smuggling Attack (CVE-2022-32214)
Zimbra Admin Console Ports
1011513* - Zimbra Collaboration Multiple Directory Traversal Vulnerabilities (CVE-2022-27925 & CVE-2022-37042)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011453* - Microsoft Windows WMI Events - 1
Deep Packet Inspection Rules:
Oracle E-Business Suite Web Interface
1011516 - Oracle E-Business Suite Unauthorized Access Vulnerability (CVE-2022-21500)
Remote Desktop Protocol Server
1003716* - Identified Too Many Remote Desktop Protocol (RDP) Connection Request
Unix SSH
1011515 - Detected SSH Client Traffic - 1
Web Application Ruby Based
1011509* - Grafana Stored Cross-Site Scripting Vulnerability (CVE-2022-31097)
Web Application Tomcat
1003954* - Apache Tomcat Directory Traversal Weakness
Web Client Common
1011518 - Foxit PDF Reader And Editor Multiple Security Vulnerabilities
Web Server HTTPS
1011519 - Node.js HTTP Request Smuggling Attack (CVE-2022-32214)
Zimbra Admin Console Ports
1011513* - Zimbra Collaboration Multiple Directory Traversal Vulnerabilities (CVE-2022-27925 & CVE-2022-37042)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011453* - Microsoft Windows WMI Events - 1
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Microsoft Office
1011504 - Microsoft Excel Memory Corruption Vulnerability (CVE-2005-4131)
Web Application Common
1011490* - Zoho ManageEngine ADAudit Plus XML External Entity Injection Vulnerability (CVE-2022-28219)
Web Application PHP Based
1007459* - Drupal XRDS Document Denial Of Service Vulnerability (CVE-2014-5267)
1011170* - WordPress 'Contact Form' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24276)
Web Client Common
1011500 - Identified Download of Python Reverse Shell Payload Over HTTP
Web Server Common
1011510 - Pandora FMS Authenticated Remote Code Execution Vulnerability (CVE-2020-5844)
Web Service HP SiteScope
1005233* - HP SiteScope API Preferences Security Bypass Vulnerability (CVE-2012-3261)
Zimbra Admin Console Ports
1011513 - Zimbra Collaboration Multiple Directory Traversal Vulnerabilities (CVE-2022-27925 & CVE-2022-37042)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011512 - Microsoft DFS Server Activity
Deep Packet Inspection Rules:
Microsoft Office
1011504 - Microsoft Excel Memory Corruption Vulnerability (CVE-2005-4131)
Web Application Common
1011490* - Zoho ManageEngine ADAudit Plus XML External Entity Injection Vulnerability (CVE-2022-28219)
Web Application PHP Based
1007459* - Drupal XRDS Document Denial Of Service Vulnerability (CVE-2014-5267)
1011170* - WordPress 'Contact Form' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24276)
Web Client Common
1011500 - Identified Download of Python Reverse Shell Payload Over HTTP
Web Server Common
1011510 - Pandora FMS Authenticated Remote Code Execution Vulnerability (CVE-2020-5844)
Web Service HP SiteScope
1005233* - HP SiteScope API Preferences Security Bypass Vulnerability (CVE-2012-3261)
Zimbra Admin Console Ports
1011513 - Zimbra Collaboration Multiple Directory Traversal Vulnerabilities (CVE-2022-27925 & CVE-2022-37042)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011512 - Microsoft DFS Server Activity
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Client Common
1011511 - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (DogWalk) (CVE-2022-34713)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Web Client Common
1011511 - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (DogWalk) (CVE-2022-34713)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Microsoft Office
1011506 - Microsoft Excel Memory Corruption Vulnerability (CVE-2008-0114)
1011507 - Microsoft Excel Memory Corruption Vulnerability (CVE-2008-0115)
1011508 - Microsoft Excel Memory Corruption Vulnerability (CVE-2008-0116)
MySQL Cluster NDBD
1011502* - Oracle MySQL Cluster Data Node Buffer Overflow Vulnerability (CVE-2022-21489)
Web Application Ruby Based
1011509 - Grafana Stored Cross-Site Scripting Vulnerability (CVE-2022-31097)
Web Server Common
1000128* - HTTP Protocol Decoding
Web Server HTTPS
1011505 - Node.js HTTP Request Smuggling Vulnerability (CVE-2022-32213)
Web Server Miscellaneous
1011501* - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2022-2230)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1003802* - Directory Server - Microsoft Windows Active Directory
1011453* - Microsoft Windows WMI Events - 1
Deep Packet Inspection Rules:
Microsoft Office
1011506 - Microsoft Excel Memory Corruption Vulnerability (CVE-2008-0114)
1011507 - Microsoft Excel Memory Corruption Vulnerability (CVE-2008-0115)
1011508 - Microsoft Excel Memory Corruption Vulnerability (CVE-2008-0116)
MySQL Cluster NDBD
1011502* - Oracle MySQL Cluster Data Node Buffer Overflow Vulnerability (CVE-2022-21489)
Web Application Ruby Based
1011509 - Grafana Stored Cross-Site Scripting Vulnerability (CVE-2022-31097)
Web Server Common
1000128* - HTTP Protocol Decoding
Web Server HTTPS
1011505 - Node.js HTTP Request Smuggling Vulnerability (CVE-2022-32213)
Web Server Miscellaneous
1011501* - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2022-2230)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1003802* - Directory Server - Microsoft Windows Active Directory
1011453* - Microsoft Windows WMI Events - 1
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Apache Spark
1011499* - Apache Spark Command Injection Vulnerability (CVE-2022-33891)
MySQL Cluster NDBD
1011502 - Oracle MySQL Cluster Data Node Buffer Overflow Vulnerability (CVE-2022-21489)
Suspicious Client Application Activity
1001162* - Detected HTTP Client Traffic (ATT&CK T1071.001)
Web Application Tomcat
1002691* - Apache Tomcat Directory Traversal Vulnerability
1000967* - Apache Tomcat Servlet Engine Directory Traversal
Web Server Common
1011494* - BMC Track-It! 'GetPopupSubQueryDetails' SQL Injection Vulnerability (CVE-2022-35864)
1011493* - BMC Track-It! Improper Access Control Vulnerability (CVE-2022-35865)
Web Server Miscellaneous
1011495* - Atlassian 'Mobile Plugin for Jira Data Center and Server' Plugin Server-Side Request Forgery Vulnerability (CVE-2022-26135)
1011501 - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2022-2230)
1011496* - Jenkins 'GitLab' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-34777)
1005516* - RedHat JBoss Enterprise Application Platform Block Access To Status Servlet
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Apache Spark
1011499* - Apache Spark Command Injection Vulnerability (CVE-2022-33891)
MySQL Cluster NDBD
1011502 - Oracle MySQL Cluster Data Node Buffer Overflow Vulnerability (CVE-2022-21489)
Suspicious Client Application Activity
1001162* - Detected HTTP Client Traffic (ATT&CK T1071.001)
Web Application Tomcat
1002691* - Apache Tomcat Directory Traversal Vulnerability
1000967* - Apache Tomcat Servlet Engine Directory Traversal
Web Server Common
1011494* - BMC Track-It! 'GetPopupSubQueryDetails' SQL Injection Vulnerability (CVE-2022-35864)
1011493* - BMC Track-It! Improper Access Control Vulnerability (CVE-2022-35865)
Web Server Miscellaneous
1011495* - Atlassian 'Mobile Plugin for Jira Data Center and Server' Plugin Server-Side Request Forgery Vulnerability (CVE-2022-26135)
1011501 - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2022-2230)
1011496* - Jenkins 'GitLab' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-34777)
1005516* - RedHat JBoss Enterprise Application Platform Block Access To Status Servlet
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Apache Spark
1011499 - Apache Spark Command Injection Vulnerability (CVE-2022-33891)
Oracle SQL Net (TNS) Listener
1011497 - Identified Oracle Database Server Startup Upgrade Usage Attempt
Sante PACS Server
1011485* - Sante PACS Server SQL Injection Authentication Bypass Vulnerability (CVE-2022-2272)
Web Application Common
1010339* - Netty HTTP Request Smuggling Vulnerability (CVE-2019-20444)
1011490* - Zoho ManageEngine ADAudit Plus XML External Entity Injection Vulnerability (CVE-2022-28219)
Web Application PHP Based
1011489* - WordPress 'Random Banner' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0210)
Web Server Common
1011494 - BMC Track-It! 'GetPopupSubQueryDetails' SQL Injection Vulnerability (CVE-2022-35864)
1011493 - BMC Track-It! Improper Access Control Vulnerability (CVE-2022-35865)
1011343* - BMC Track-It! Information Disclosure Vulnerability (CVE-2021-35001)
1011344* - BMC Track-It! Unrestricted File Upload Remote Code Execution Vulnerability (CVE-2021-35002)
1011498 - Identified Login Attempt With User 'disabledsystemuser' To Atlassian Confluence Server Or Data Center
Web Server HTTPS
1011488* - Centreon 'Poller Resource' SQL Injection Vulnerability (CVE-2022-34871)
1011487* - Centreon 'Virtual Metrics' SQL Injection Vulnerability (CVE-2022-34872)
1011491* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2022-23277)
Web Server Miscellaneous
1011495 - Atlassian 'Mobile Plugin for Jira Data Center and Server' Plugin Server-Side Request Forgery Vulnerability (CVE-2022-26135)
1011496 - Jenkins 'GitLab' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-34777)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Apache Spark
1011499 - Apache Spark Command Injection Vulnerability (CVE-2022-33891)
Oracle SQL Net (TNS) Listener
1011497 - Identified Oracle Database Server Startup Upgrade Usage Attempt
Sante PACS Server
1011485* - Sante PACS Server SQL Injection Authentication Bypass Vulnerability (CVE-2022-2272)
Web Application Common
1010339* - Netty HTTP Request Smuggling Vulnerability (CVE-2019-20444)
1011490* - Zoho ManageEngine ADAudit Plus XML External Entity Injection Vulnerability (CVE-2022-28219)
Web Application PHP Based
1011489* - WordPress 'Random Banner' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0210)
Web Server Common
1011494 - BMC Track-It! 'GetPopupSubQueryDetails' SQL Injection Vulnerability (CVE-2022-35864)
1011493 - BMC Track-It! Improper Access Control Vulnerability (CVE-2022-35865)
1011343* - BMC Track-It! Information Disclosure Vulnerability (CVE-2021-35001)
1011344* - BMC Track-It! Unrestricted File Upload Remote Code Execution Vulnerability (CVE-2021-35002)
1011498 - Identified Login Attempt With User 'disabledsystemuser' To Atlassian Confluence Server Or Data Center
Web Server HTTPS
1011488* - Centreon 'Poller Resource' SQL Injection Vulnerability (CVE-2022-34871)
1011487* - Centreon 'Virtual Metrics' SQL Injection Vulnerability (CVE-2022-34872)
1011491* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2022-23277)
Web Server Miscellaneous
1011495 - Atlassian 'Mobile Plugin for Jira Data Center and Server' Plugin Server-Side Request Forgery Vulnerability (CVE-2022-26135)
1011496 - Jenkins 'GitLab' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-34777)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
NFS Server
1011492 - Microsoft Windows Network File System Remote Code Execution Vulnerability (CVE-2022-30136)
Sante PACS Server
1011485 - Sante PACS Server SQL Injection Authentication Bypass Vulnerability (CVE-2022-2272)
Web Application Common
1000552* - Generic Cross Site Scripting(XSS) Prevention
1011490 - Zoho ManageEngine ADAudit Plus XML External Entity Injection Vulnerability (CVE-2022-28219)
Web Application PHP Based
1011481* - WordPress 'Events Made Easy' Plugin SQL Injection Vulnerability (CVE-2022-1905)
1011489 - WordPress 'Random Banner' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0210)
Web Client Common
1011486 - Foxit PDF Reader And Editor Information Disclosure Vulnerability (CVE-2022-34874)
1011445 - Microsoft Windows Media Foundation Memory Corruption Vulnerability (CVE-2020-0807)
Web Server HTTPS
1011488 - Centreon 'Poller Resource' SQL Injection Vulnerability (CVE-2022-34871)
1011487 - Centreon 'Virtual Metrics' SQL Injection Vulnerability (CVE-2022-34872)
1011491 - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2022-23277)
1011479* - OpenSSL 'c_rehash' Script Command Injection Vulnerability (CVE-2022-2068)
Web Server Miscellaneous
1011483* - Jenkins 'JUnit' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-34176)
Integrity Monitoring Rules:
1006683* - TMTR-0016: Suspicious Running Processes Detected (ATT&CK T1560.001)
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
NFS Server
1011492 - Microsoft Windows Network File System Remote Code Execution Vulnerability (CVE-2022-30136)
Sante PACS Server
1011485 - Sante PACS Server SQL Injection Authentication Bypass Vulnerability (CVE-2022-2272)
Web Application Common
1000552* - Generic Cross Site Scripting(XSS) Prevention
1011490 - Zoho ManageEngine ADAudit Plus XML External Entity Injection Vulnerability (CVE-2022-28219)
Web Application PHP Based
1011481* - WordPress 'Events Made Easy' Plugin SQL Injection Vulnerability (CVE-2022-1905)
1011489 - WordPress 'Random Banner' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0210)
Web Client Common
1011486 - Foxit PDF Reader And Editor Information Disclosure Vulnerability (CVE-2022-34874)
1011445 - Microsoft Windows Media Foundation Memory Corruption Vulnerability (CVE-2020-0807)
Web Server HTTPS
1011488 - Centreon 'Poller Resource' SQL Injection Vulnerability (CVE-2022-34871)
1011487 - Centreon 'Virtual Metrics' SQL Injection Vulnerability (CVE-2022-34872)
1011491 - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2022-23277)
1011479* - OpenSSL 'c_rehash' Script Command Injection Vulnerability (CVE-2022-2068)
Web Server Miscellaneous
1011483* - Jenkins 'JUnit' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-34176)
Integrity Monitoring Rules:
1006683* - TMTR-0016: Suspicious Running Processes Detected (ATT&CK T1560.001)
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Featured Stories
- Kong API Gateway Misconfigurations: An API Gateway Security Case StudyTools that aggregate access into multiple different environments, such as API gateways, pose a security risk for all these environments upon breach. In this article, we continue our journey through the security issues of the API Gateway landscape. Our new research focuses on another popular API gateway — Kong.Read more
- Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more
- A Closer Exploration of Residential Proxies and CAPTCHA-Breaking ServicesThis article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.Read more
- How Residential Proxies and CAPTCHA-Solving Services Become Agents of AbuseThis article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.Read more