Rule Update

22-019 (April 19, 2022)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Database Microsoft SQL
1000917* - Restrict Microsoft SQL Server XP_CMDSHELL Procedure


MySQL Cluster NDBD
1011389 - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21355)
1011391 - Oracle MySQL Cluster Data Node Information Disclosure Vulnerability (CVE-2022-21357)
1011390 - Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Vulnerability (CVE-2022-21356)


SolarWinds Network Performance Monitor
1011384 - SolarWinds Orion Platform Unrestricted File Upload Vulnerability (CVE-2021-35244)


Web Application Common
1005402* - Identified Suspicious User Agent In HTTP Request


Web Application PHP Based
1011392 - WordPress 'Ad Inserter' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0901)
1011388 - WordPress 'Modern Events Calendar Lite' Plugin Unauthenticated Blind SQL Injection Vulnerability (CVE-2021-24946)
1011393 - WordPress 'RegistrationMagic' Plugin Authenticated SQL Injection Vulnerability (CVE-2021-24862)


Web Application Tomcat
1011322* - Laravel Deserialization Remote Code Execution Vulnerability (CVE-2021-3129)


Web Client Common
1011394 - Foxit Reader Use After Free Vulnerability (CVE-2018-17705)


Web Client VNC
1011373 - TightVNC VNCViewer RFB Connection Heap Buffer Overflow Vulnerability (CVE-2022-23967)


Web Server Common
1011343 - BMC Track-It Information Disclosure Vulnerability (CVE-2021-35001)
1011377 - Django Infinite Loop Denial of Service Vulnerability (CVE-2022-23833)


Web Server Miscellaneous
1010461* - Apache Struts2 Remote Code Execution Vulnerability (CVE-2019-0230)


Web Server Oracle
1010223* - Oracle WebLogic Java Messaging Service Unspecified Vulnerability (CVE-2016-0638)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.