Rule Update

21-024 (May 25, 2021)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

HP Intelligent Management Center (IMC)
1010954* - Apache OFBiz Insecure Deserialization Vulnerability (CVE-2021-29200)
1010951* - Apache OFBiz Insecure Deserialization Vulnerability (CVE-2021-30128)


Microsoft Office
1010959 - Microsoft Office Remote Code Execution Vulnerability (CVE-2021-31175)
1010958 - Microsoft Office Remote Code Execution Vulnerability (CVE-2021-31177)


Oracle E-Business Suite Web Interface
1010945* - Oracle E-Business Suite Reflected Cross-Site Scripting Vulnerability (CVE-2021-2182)


SAP NetWeaver Java Application Server
1010952* - SAP NetWeaver AS JAVA Directory Traversal Vulnerability (CVE-2016-3976)


Web Application Common
1010934* - Dolibarr ERP CRM Remote Code Execution Vulnerability (CVE-2020-14209)


Web Application PHP Based
1010953* - Joomla! Arbitrary File Upload Vulnerability (CVE-2021-23132)


Web Client Common
1010968 - Adobe Acrobat And Reader DC Heap Buffer Overflow Vulnerability (CVE-2021-28560)
1010967 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2012-4157)
1010955 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2021-28550)
1010961 - Microsoft Windows Web Media Extensions Remote Code Execution Vulnerability (CVE-2021-28465)
1010969 - XStream Library Remote Command Execution Vulnerability (CVE-2021-29505)


Web Server HTTPS
1010948* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-28482)


Web Server Miscellaneous
1010966 - Jenkins 'Credentials' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-21648)


Web Server Nagios
1010943* - Nagios XI Authenticated OS Command Argument Injection Vulnerability (CVE-2020-5792)


Web Server Oracle
1010927* - Oracle Business Intelligence 'APSWebModule' Remote Code Execution Vulnerability (CVE-2021-2244)
1010928* - Oracle Business Intelligence T3 Protocol Deserialization of Untrusted Data Vulnerability (CVE-2021-2302)
1010739* - Oracle WebLogic Console JNDI Injection Vulnerability (CVE-2021-2109)


Web Server SharePoint
1010957 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-28474)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.