Rule Update
23-014 (April 4, 2023)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Apache Kylin
1011685* - Apache Kylin Command Injection Vulnerability (CVE-2022-43396)
IPSec-IKE
1011669* - Microsoft Windows Internet Key Exchange (IKE) Protocol Extensions Denial Of Service Vulnerability (CVE-2023-21547)
Redis Server
1011715 - Redis Integer Overflow Vulnerability (CVE-2023-22458)
Web Application PHP Based
1011708 - WordPress 'WP Statistics' Plugin SQL Injection Vulnerability (CVE-2022-4230)
Web Client Common
1010907* - Microsoft Print 3D And 3D Builder Remote Code Execution Vulnerability (ZDI-21-405 and ZDI-23-364)
1011442* - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (Follina) (CVE-2022-30190)
Web Client HTTPS
1011699* - GitLab Remote Code Execution Vulnerability (CVE-2022-2884)
Web Server Adobe ColdFusion
1011558* - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2022-38418)
Web Server HTTPS
1011503 - EnterpriseDT CompleteFTP Server Arbitrary File Deletion Vulnerability (CVE-2022-2560)
Web Server Miscellaneous
1011712 - Jenkins 'Pipeline Build Step' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2023-25762)
Web Server Oracle
1011716 - Oracle Weblogic Server Insecure Deserialization Vulnerability (CVE-2023-21839)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Apache Kylin
1011685* - Apache Kylin Command Injection Vulnerability (CVE-2022-43396)
IPSec-IKE
1011669* - Microsoft Windows Internet Key Exchange (IKE) Protocol Extensions Denial Of Service Vulnerability (CVE-2023-21547)
Redis Server
1011715 - Redis Integer Overflow Vulnerability (CVE-2023-22458)
Web Application PHP Based
1011708 - WordPress 'WP Statistics' Plugin SQL Injection Vulnerability (CVE-2022-4230)
Web Client Common
1010907* - Microsoft Print 3D And 3D Builder Remote Code Execution Vulnerability (ZDI-21-405 and ZDI-23-364)
1011442* - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (Follina) (CVE-2022-30190)
Web Client HTTPS
1011699* - GitLab Remote Code Execution Vulnerability (CVE-2022-2884)
Web Server Adobe ColdFusion
1011558* - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2022-38418)
Web Server HTTPS
1011503 - EnterpriseDT CompleteFTP Server Arbitrary File Deletion Vulnerability (CVE-2022-2560)
Web Server Miscellaneous
1011712 - Jenkins 'Pipeline Build Step' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2023-25762)
Web Server Oracle
1011716 - Oracle Weblogic Server Insecure Deserialization Vulnerability (CVE-2023-21839)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.