Rule Update

24-014 (March 12, 2024)


* indicates a new version of an existing rule

Deep Packet Inspection Rules:

HP Intelligent Management Center (IMC)
1011940* - Apache OFBiz Authentication Bypass Vulnerability (CVE-2023-51467)
1011990 - Apache OFBiz Information Disclosure Vulnerability (CVE-2024-23946)

SolarWinds Information Service
1011921* - SolarWinds Network Configuration Manager Remote Code Execution Vulnerability (CVE-2023-33227)

Web Application Common
1000608* - Generic SQL Injection Prevention

Web Application PHP Based
1011993 - LibreNMS SQL Injection Vulnerability (CVE-2023-5591)
1011992 - WordPress 'Paid Memberships Pro' Plugin Arbitrary File Upload Vulnerability (CVE-2023-6187)

Web Application Tomcat
1003094* - Identified runtime.getRuntime().exec() In HTTP Request

Web Proxy Squid
1011997 - Squid Proxy Denial Of Service Vulnerability (CVE-2023-49285) - Client

Web Server HTTPS
1011902* - SolarWinds Access Rights Manager Insecure Deserialization Vulnerability (CVE-2023-35184)

Web Server Miscellaneous
1011994 - Graylog Open Insecure Deserialization Vulnerability (CVE-2024-24824)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.