Rule Update

23-004 (January 24, 2023)


* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Atlassian Bitbucket
1011658 - Atlassian Bitbucket Server and Data Center Command Injection Vulnerability (CVE-2022-43781)

CentOS Web Panel
1011657* - CentOS Web Panel Remote Code Execution Vulnerability (CVE-2022-44877)

SAP NetWeaver Java Application Server
1011664 - SAP NetWeaver Unrestricted File Upload Vulnerability (CVE-2021-38163)

SNMP Server
1011647 - Net-SNMP NULL Pointer Dereference Vulnerability (CVE-2022-44792)

Web Application PHP Based
1011439* - WordPress 'Advanced Uploader' Plugin Arbitrary File Upload Vulnerability (CVE-2022-1103)

Web Server Miscellaneous
1011661 - XWiki Code Injection Vulnerability (CVE-2022-36098)

Zoho ManageEngine
1011653* - Zoho ManageEngine ADManager Plus Command Injection Vulnerability (CVE-2022-42904)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

1011654* - Microsoft Windows - Unsecured LSA Buffer Admin Credential Dumping Vulnerability (CVE-2023-21726) (ATT&CK T1003, T1552.002)