Rule Update

20-028 (June 16, 2020)


* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1010317* - Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2020-1301)

HP Intelligent Management Center (IMC)
1010248* - HPE Intelligent Management Center 'ForwardRedirect' Expression Language Injection Vulnerability (CVE-2019-11969)

Web Application Common
1010332 - Netty HTTP Request Smuggling Vulnerability (CVE-2020-7238)
1010218* - SolarWinds Serv-U FTP Server Web UI Stored Cross-Site Scripting Vulnerability (CVE-2019-13182) - 1
1010282* - Sonatype Nexus Repository Manager Java EL Injection Remote Code Execution Vulnerability (CVE-2020-10199)
1010334 - Telerik UI For ASP.NET AJAX Insecure Deserialization Vulnerability (CVE-2019-18935)

Web Application Tomcat
1010320* - Apache Tomcat Deserialization Of Untrusted Data Remote Code Execution Vulnerability (CVE-2020-9484)

Web Client Common
1010330 - Microsoft Windows Media Foundation Remote Code Execution Vulnerability (CVE-2020-1238)
1010329 - Microsoft Windows Media Player Information Disclosure Vulnerability (CVE-2020-1232)
1010331 - Microsoft Windows Media Player Remote Code Execution Vulnerability (CVE-2020-1239)
1010324 - Zoho ManageEngine ServiceDesk Plus Cross Site Scripting Vulnerability (CVE-2019-15083)

Web Server Common
1010323 - Gila CMS Image Upload Remote Code Execution Vulnerability (CVE-2020-5514)
1010283 - Microsoft .NET Framework Remote Code Execution Injection Vulnerability (CVE-2020-0646)

Web Server Oracle
1010292* - Oracle WebLogic Server T3 Protocol Insecure Deserialization Vulnerability (CVE-2020-2884)

Web Server SharePoint
1010335 - Identified Microsoft Windows SharePoint Web Part Arbitrary File Upload

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.