Rule Update

23-034 (August 8, 2023)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Advanced Message Queuing Protocol (AMQP)
1011834 - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-38111)


Apache RocketMQ
1011831 - Apache RocketMQ Command Injection Vulnerability (CVE-2023-33246)


DCERPC Services - Client
1011517* - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (DogWalk) Over SMB (CVE-2022-34713)


MSMQ Service
1011764* - Microsoft Windows Message Queuing Service Remote Code Execution Vulnerability (CVE-2023-21554)


SSL/TLS Server
1010316* - Identified Suspicious TLS Request - 1 (ATT&CK T1190)


Unix Samba
1011798 - Canonical KSMBD-Tools Buffer Overflow Vulnerability (ZDI-CAN-17822)


Web Application Common
1011836 - Progress MOVEit Transfer SQL Injection Vulnerability (CVE-2023-36932) - 1
1009350* - Telerik UI for ASP.NET AJAX Multiple Arbitrary File Upload Vulnerabilities (CVE-2017-11357 and CVE-2017-11317)


Web Application PHP Based
1011765* - Froxlor Unrestricted File Upload Vulnerability (CVE-2023-2034)
1011832* - Joomla! CMS Authentication Bypass Vulnerability (CVE-2023-23752)
1011772* - Pimcore SQL Injection Vulnerability (CVE-2023-1578)
1011771* - WordPress 'Limit Login Attempts' Plugin Cross-Site Scripting Vulnerability (CVE-2023-1861)
1011840 - WordPress 'WooCommerce Payments' Plugin Privilege Escalation Vulnerability (CVE-2023-28121)


Web Server HTTPS
1011768* - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32531)
1011767* - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32533)


Web Server Miscellaneous
1011835 - XWiki Code Injection Vulnerability (CVE-2023-29524)
1011838 - XWiki Code Injection Vulnerability (CVE-2023-35150)
1011833 - XWiki Code Injection Vulnerability (CVE-2023-36469)
1011827 - XWiki Cross-Site Scripting Vulnerability (CVE-2023-32071)


Web Server Oracle
1011734* - Oracle WebLogic Server Fusion Middleware Deserialization Vulnerability (CVE-2023-21931)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.