Description

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Redis Server
1011402 - Redis Remote Code Execution Vulnerability (CVE-2022-0543)


Veeam Distribution Service
1011408 - Veeam Backup and Replication Authentication Bypass Vulnerability (CVE-2022-26501)


Web Application PHP Based
1011405 - WordPress 'Elementor Website Builder' Plugin Arbitrary File Upload Vulnerability (CVE-2022-1329)
1011409 - WordPress 'Hummingbird' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0994)
1011410 - WordPress 'Loco Translate' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0765)
1011400* - WordPress 'Modern Events Calendar Lite' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0364)
1011404* - WordPress 'UpdraftPlus' Plugin Cross-Site Scripting Vulnerability (CVE-2022-0864)
1011407 - WordPress 'WP Downgrade' Plugin Cross-Site Scripting Vulnerability (CVE-2022-1001)
1011401* - WordPress 'iQ Block Country' Plugin Arbitrary File Deletion Vulnerability (CVE-2022-0246)


Web Client Common
1011415 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB22-16) - 3


Web Server Common
1011414 - SuiteCRM Remote Code Execution Vulnerability (CVE-2020-28328)


Web Server HTTPS
1011395* - Lighttpd Denial of Service Vulnerability (CVE-2022-22707)
1011406 - SalesAgility SuiteCRM Remote Code Execution Vulnerability (CVE-2022-23940)


Web Server Miscellaneous
1011403 - Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)
1011396* - Jenkins 'Active Choices' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21616)


Web Server Oracle
1011413 - Oracle WebLogic Java Messaging Service Unspecified Vulnerability (CVE-2016-0638) - 1


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.