Rule Update

20-019 (April 21, 2020)


* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1010214 - Identified Trend Micro ApexOne Backup Folder Access

HP System Management Homepage
1010221 - HPE System Management Homepage Remote Denial of Service Vulnerability (CVE-2017-12545)

Microsoft Office
1010230 - Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0906)

Redis Server
1010231 - Redis Cron Remote Code Execution Vulnerability
1009967* - Redis Unauthenticated Code Execution Vulnerability

Web Application Common
1010225 - Liferay Portal Untrusted Deserialization Vulnerability (CVE-2020-7961)

Web Client Common
1010226 - Microsoft Windows JET Database Engine Remote Code Execution Vulnerability (CVE-2020-0953)

Web Server Common
1010080* - Identified Usage Of FreeSWITCH Event Socket Interface

Web Server Oracle
1010223 - Oracle WebLogic Java Messaging Service Unspecified Vulnerability (CVE-2016-0638)

Web Server SharePoint
1010227 - Microsoft SharePoint Scorecards Deserialization Of Untrusted Data Remote Code Execution Vulnerability (CVE-2020-0931)
1010228 - Microsoft SharePoint TypeConverter Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2020-0932)

Integrity Monitoring Rules:

1003168* - Unix - Open Port Monitor

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.