Rule Update

21-019 (April 20, 2021)


* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Asterisk Manager Interface (AMI) HTTP
1009148 - Asterisk HTTP Server Denial Of Service Vulnerability (CVE-2018-7287)

HP Intelligent Management Center (IMC)
1010889* - Apache OFBiz Unsafe Deserialization Vulnerability (CVE-2021-26295)

Mail Server Common
1010001* - Dovecot And Pigeonhole Remote Code Execution Vulnerability (CVE-2019-11500)

Microsoft Office
1010909 - Microsoft Excel Remote Code Execution Vulnerability (CVE-2021-28454)
1010914 - Microsoft Word Remote Code Execution Vulnerability (CVE-2021-28453)

Web Application Common
1010899 - LightCMS Stored Cross-Site Scripting Vulnerability (CVE-2021-3355)

Web Client Common
1010904 - Google Chrome Insufficient Data Validation Vulnerability (CVE-2020-16040)

Web Client Internet Explorer/Edge
1010857* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2021-26411)
1010912 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2021-26411) -1

Web Server Common
1010902 - Apache Druid Remote Code Execution Vulnerability (CVE-2021-26919)
1010905 - B2evolution CMS Open Redirect Vulnerability (CVE-2020-22840)
1010892* - B2evolution CMS Reflected Cross Site Scripting Vulnerability (CVE-2020-22839)
1010885* - CMS Made Simple Smarty Server-side Template Injection Vulnerability (CVE-2021-26120)

Web Server HTTPS
1010913 - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-26858)

Integrity Monitoring Rules:

1006683* - TMTR-0016: Suspicious Running Processes Detected

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.