Rule Update
25-044 (2025年10月28日)
2025年10月28日
概要
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Oracle E-Business Suite Web Interface
1012464* - Oracle E-Business Suite Server-Side Request Forgery Vulnerability (CVE-2025-61882 and CVE-2025-61884)
Veritas Enterprise Vault
1012229* - Veritas Enterprise Vault Remote Code Execution Multiple Vulnerabilities
Wazuh
1012332* - Wazuh Insecure Deserialization Vulnerability (CVE-2025-24016)
Web Application PHP Based
1012341* - LibreNMS Stored Cross-Site Scripting Vulnerabilities (CVE-2025-23199 and CVE-2025-23200)
Web Client HTTPS
1012472 - Ivanti Endpoint Manager Arbitrary File Write Vulnerability (CVE-2025-9712)
Web Server HTTPS
1012354* - Craft CMS Remote Code Execution Vulnerability (CVE-2025-32432)
1012473 - Microsoft Exchange Server Cross-Site Scripting Vulnerability (CVE-2021-31195)
Windows Server DCERPC
1012340* - Microsoft Windows Remote Desktop Licensing Service Path Traversal Vulnerability (CVE-2024-38258)
dotCMS
1012471 - dotCMS SQL Injection Vulnerability (CVE-2025-8311)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Oracle E-Business Suite Web Interface
1012464* - Oracle E-Business Suite Server-Side Request Forgery Vulnerability (CVE-2025-61882 and CVE-2025-61884)
Veritas Enterprise Vault
1012229* - Veritas Enterprise Vault Remote Code Execution Multiple Vulnerabilities
Wazuh
1012332* - Wazuh Insecure Deserialization Vulnerability (CVE-2025-24016)
Web Application PHP Based
1012341* - LibreNMS Stored Cross-Site Scripting Vulnerabilities (CVE-2025-23199 and CVE-2025-23200)
Web Client HTTPS
1012472 - Ivanti Endpoint Manager Arbitrary File Write Vulnerability (CVE-2025-9712)
Web Server HTTPS
1012354* - Craft CMS Remote Code Execution Vulnerability (CVE-2025-32432)
1012473 - Microsoft Exchange Server Cross-Site Scripting Vulnerability (CVE-2021-31195)
Windows Server DCERPC
1012340* - Microsoft Windows Remote Desktop Licensing Service Path Traversal Vulnerability (CVE-2024-38258)
dotCMS
1012471 - dotCMS SQL Injection Vulnerability (CVE-2025-8311)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.