Rule Update

22-036 (July 26, 2022)


* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Apache Spark
1011499 - Apache Spark Command Injection Vulnerability (CVE-2022-33891)

Oracle SQL Net (TNS) Listener
1011497 - Identified Oracle Database Server Startup Upgrade Usage Attempt

Sante PACS Server
1011485* - Sante PACS Server SQL Injection Authentication Bypass Vulnerability (CVE-2022-2272)

Web Application Common
1010339* - Netty HTTP Request Smuggling Vulnerability (CVE-2019-20444)
1011490* - Zoho ManageEngine ADAudit Plus XML External Entity Injection Vulnerability (CVE-2022-28219)

Web Application PHP Based
1011489* - WordPress 'Random Banner' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0210)

Web Server Common
1011494 - BMC Track-It! 'GetPopupSubQueryDetails' SQL Injection Vulnerability (CVE-2022-35864)
1011493 - BMC Track-It! Improper Access Control Vulnerability (CVE-2022-35865)
1011343* - BMC Track-It! Information Disclosure Vulnerability (CVE-2021-35001)
1011344* - BMC Track-It! Unrestricted File Upload Remote Code Execution Vulnerability (CVE-2021-35002)
1011498 - Identified Login Attempt With User 'disabledsystemuser' To Atlassian Confluence Server Or Data Center

Web Server HTTPS
1011488* - Centreon 'Poller Resource' SQL Injection Vulnerability (CVE-2022-34871)
1011487* - Centreon 'Virtual Metrics' SQL Injection Vulnerability (CVE-2022-34872)
1011491* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2022-23277)

Web Server Miscellaneous
1011495 - Atlassian 'Mobile Plugin for Jira Data Center and Server' Plugin Server-Side Request Forgery Vulnerability (CVE-2022-26135)
1011496 - Jenkins 'GitLab' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-34777)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.