Rule Update

22-055 (November 8, 2022)


* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Advanced Message Queuing Protocol (AMQP)
1011585 - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerabilities (CVE-2022-36957 and CVE-2022-38108)

DCERPC Services
1011587* - Microsoft Windows Server Service Tampering Vulnerability (CVE-2022-30216)

1011597 - OpenSSL 'ossl_punycode_decode' Buffer Overflow Vulnerability (CVE-2022-3786) - Server

OpenSSL Client
1011596 - OpenSSL 'ossl_punycode_decode' Buffer Overflow Vulnerability (CVE-2022-3786) - Client

SolarWinds Information Service
1011586* - SolarWinds Network Performance Monitor 'DeserializeFromStrippedXml' Insecure Deserialization Vulnerability (CVE-2022-36958)

Web Application Common
1011588* - Dolibarr ERP And CRM Code Injection Vulnerability (CVE-2022-40871)

Web Application PHP Based
1011584* - WordPress 'WP Super Cache' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24329)
1011582* - WordPress 'WPvivid Backup' Plugin Directory Traversal Vulnerability (CVE-2022-2863)

Web Client Common
1011594 - Foxit Reader Remote Code Execution Vulnerability (CVE-2018-17658)

Web Server Miscellaneous
1011592 - XWiki Code Injection Vulnerability (CVE-2022-36099)
1011583* - XWiki Code Injection Vulnerability (CVE-2022-36100)
1011569* - XWiki Cross-Site Scripting Vulnerability (CVE-2022-36094)
1011578* - XWiki Cross-Site Scripting Vulnerability (CVE-2022-36096)

Web Server Oracle
1003413* - Oracle WebLogic Connector JSESSIONID Remote Overflow

Web Server SharePoint
1011478* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2022-30157)

Zoho ManageEngine
1011526* - Zoho ManageEngine Multiple Products 'getNmapInitialOption' Command Injection Vulnerability (CVE-2022-38772)

Zoho ManageEngine ServiceDesk Plus_MSP
1011595 - Zoho ManageEngine Multiple Products Privilege Escalation Vulnerability (CVE-2022-40773)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.