Rule Update

22-017 (April 5, 2022)


* indicates a new version of an existing rule

Deep Packet Inspection Rules:

OpenSSL Client
1011370 - OpenSSL Client Denial Of Service Vulnerability (CVE-2022-0778)

Web Application Common
1011364 - Dolibarr ERP And CRM Code Injection Vulnerability (CVE-2022-0819)

Web Application PHP Based
1011358* - WordPress 'CP Blocks' Plugin Cross-Site Scripting Vulnerability (CVE-2022-0448)
1011302* - WordPress 'Contact Form 7' plugin Unauthenticated Stored Cross-Site Scripting Vulnerability (CVE-2021-25080)
1011356 - WordPress 'Header Footer Code Manager' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0710)
1011353 - WordPress 'MasterStudy LMS' Plugin Admin Account Creation Vulnerability (CVE-2022-0441)
1011375 - WordPress 'Photoswipe Masonry Gallery' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0750)
1011352* - WordPress 'Titan Labs Security Audit' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24901)
1011340* - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-25148)

Web Client Common
1011367 - Chromium Based Browsers Incorrect Authorization Vulnerability (CVE-2022-0309)
1011368 - Chromium Based Browsers Use After Free Vulnerability (CVE-2022-0297)
1011374 - Chromium Use After Free Vulnerability (CVE-2022-0609)

Web Client Mozilla Firefox
1011361 - Mozilla Firefox Use-After-Free Remote Code Execution Vulnerability (CVE-2022-26381)

Web Server Common
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1011265* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-45046)
1011344* - BMC Track-It Unrestricted File Upload Remote Code Execution Vulnerability (CVE-2021-35002)
1010175* - Cross-Site Scripting (XSS) Decoder
1011372* - Spring Framework "Spring4Shell" Remote Code Execution Vulnerability (CVE-2022-22965)
1010721* - VMware Multiple Products Command Injection Vulnerability (CVE-2020-4006)

Web Server Miscellaneous
1011376 - VMware Spring Cloud Gateway Remote Code Execution Vulnerability (CVE-2022-22947)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

1002831* - Unix - Syslog