24-031 (June 25, 2024)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

CyberPower PowerPanel Business
1012064 - CyberPower PowerPanel Business Directory Traversal Vulnerability (CVE-2024-33615)


Openfire Jabber Server
1011841 - Openfire Authentication Bypass Vulnerability (CVE-2023-32315)


Web Application PHP Based
1012073 - LibreNMS Cross-Site Scripting Vulnerability (CVE-2024-32479)
1012067 - WordPress 'Forminator' Plugin SQL Injection Vulnerability (CVE-2024-31077)


Web Server Adobe ColdFusion
1012011* - Adobe ColdFusion Improper Access Control Vulnerability (CVE-2024-20767)


Web Server HTTPS
1011979* - Centreon SQL Injection Vulnerability (CVE-2024-0637)
1011984* - Centreon SQL Injection Vulnerability (CVE-2024-23115)
1011983* - Centreon SQL Injection Vulnerability (CVE-2024-23116)
1012068 - Ivanti Endpoint Manager Multiple SQL Injection Vulnerabilities (CVE-2024-29828 & CVE-2024-29829)


pgAdmin
1012010* - pgAdmin Directory Traversal Vulnerability (CVE-2024-2044)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.