23-043 (October 3, 2023)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1011037* - Identified Remote System Discovery Over SMB - 1 (ATT&CK T1018)


Ivanti Avalanche Remote Control Server
1011864 - Ivanti Avalanche Directory Traversal Vulnerability (CVE-2023-32563)


JetBrains TeamCity
1011873 - JetBrains TeamCity Authentication Bypass Vulnerability (CVE-2023-42793)
1011815* - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2023-34220)


PaperCut
1011855* - PaperCut NG Remote Code Execution Vulnerability (CVE-2023-39469)


Parse Server
1011868 - Parse Server Remote Code Execution Vulnerability (CVE-2023-36475)


Web Application Common
1011789* - GitLab Directory Traversal Vulnerability (CVE-2023-2825)


Web Server Adobe ColdFusion
1011819* - Adobe ColdFusion Authentication Bypass Vulnerability (CVE-2023-29301)
1011820* - Adobe ColdFusion Improper Access Control Vulnerability (CVE-2023-29298)


Web Server HTTPS
1011837* - GLPI SQL Injection Vulnerability (CVE-2023-35924)
1011842* - Zabbix Cross-Site Scripting Vulnerability (CVE-2023-29452)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.