Rule Update
23-013 (March 28, 2023)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1011704 - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-47503)
HP Intelligent Management Center (IMC)
1011687 - HPE Intelligent Management Center 'getAddFormBean' Remote Code Execution Vulnerability (CVE-2019-5352)
1011688 - HPE Intelligent Management Center 'getInsListBean' Remote Code Execution Vulnerability (CVE-2019-5354)
Oracle E-Business Suite Web Interface
1011709 - Oracle E-Business Suite Web Applications Desktop Integrator Directory Traversal Vulnerability (CVE-2022-39428)
SolarWinds Information Service
1011586* - SolarWinds Network Performance Monitor 'DeserializeFromStrippedXml' Insecure Deserialization Vulnerability (CVE-2022-36958)
Web Application PHP Based
1011702 - Froxlor Arbitrary File Overwrite Vulnerability (CVE-2023-0315)
Web Application Ruby Based
1011705 - Grafana Stored Cross-Site Scripting Vulnerability (CVE-2023-0507)
Web Client Common
1011710 - Foxit PDF Reader And Editor Use After Free Vulnerability (CVE-2023-27329)
1011711 - Foxit PDF Reader And Editor Use After Free Vulnerability (CVE-2023-27331)
Web Server Miscellaneous
1011713 - XWiki Code Injection Vulnerability (CVE-2023-26475)
Zabbix Server
1011698 - Zabbix Server Arbitrary File Read Vulnerability (CVE-2022-46768)
dotCMS
1011460* - dotCMS Directory Traversal Vulnerability (CVE-2022-26352)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1011704 - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-47503)
HP Intelligent Management Center (IMC)
1011687 - HPE Intelligent Management Center 'getAddFormBean' Remote Code Execution Vulnerability (CVE-2019-5352)
1011688 - HPE Intelligent Management Center 'getInsListBean' Remote Code Execution Vulnerability (CVE-2019-5354)
Oracle E-Business Suite Web Interface
1011709 - Oracle E-Business Suite Web Applications Desktop Integrator Directory Traversal Vulnerability (CVE-2022-39428)
SolarWinds Information Service
1011586* - SolarWinds Network Performance Monitor 'DeserializeFromStrippedXml' Insecure Deserialization Vulnerability (CVE-2022-36958)
Web Application PHP Based
1011702 - Froxlor Arbitrary File Overwrite Vulnerability (CVE-2023-0315)
Web Application Ruby Based
1011705 - Grafana Stored Cross-Site Scripting Vulnerability (CVE-2023-0507)
Web Client Common
1011710 - Foxit PDF Reader And Editor Use After Free Vulnerability (CVE-2023-27329)
1011711 - Foxit PDF Reader And Editor Use After Free Vulnerability (CVE-2023-27331)
Web Server Miscellaneous
1011713 - XWiki Code Injection Vulnerability (CVE-2023-26475)
Zabbix Server
1011698 - Zabbix Server Arbitrary File Read Vulnerability (CVE-2022-46768)
dotCMS
1011460* - dotCMS Directory Traversal Vulnerability (CVE-2022-26352)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.