Rule Update

23-027 (June 27, 2023)


* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Advanced Message Queuing Protocol (AMQP)
1011585* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerabilities (CVE-2022-36957 and CVE-2022-38108)

Eclipse Jetty
1011378* - Eclipse Jetty Unauthenticated Information Disclosure Vulnerability (CVE-2021-28169)

1011801 - Microsoft Windows Internet Key Exchange (IKE) Protocol Extensions Denial Of Service Vulnerability (CVE-2023-21758)

1011731* - PaperCut NG Authentication Bypass Vulnerability (CVE-2023-27350)

Unix Samba
1011786 - Canonical KSMBD-Tools Remote Code Execution Vulnerability (ZDI-CAN-17770)
1011796 - Linux Kernel KSMBD Denial of Service Vulnerability (CVE-2023-32247)

Web Application Common
1011789 - GitLab Directory Traversal Vulnerability (CVE-2023-2825)

Web Application PHP Based
1011736* - OpenCATS Cross-Site Scripting Vulnerability (CVE-2023-27293)

Zoho ManageEngine ADAuditPlus
1011785 - Zoho ManageEngine ADAudit Plus Arbitrary File Write Vulnerability (CVE-2021-42847)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.