Rule Update

23-003 (January 17, 2023)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

CentOS Web Panel
1011657 - CentOS Web Panel Remote Code Execution Vulnerability (CVE-2022-44877)


Web Application Common
1011649* - pgAdmin Remote Code Execution Vulnerability (CVE-2022-4223)


Web Application PHP Based
1011439* - WordPress 'Advanced Uploader' Plugin Arbitrary File Upload Vulnerability (CVE-2022-1103)
1011641* - WordPress 'Availability Calendar' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24604)


Web Client Common
1011656 - Adobe Acrobat And Reader Remote Code Execution Vulnerability (CVE-2023-21608)


Web Server HTTPS
1011565* - Centreon 'Poller Broker' SQL Injection Vulnerabilities (CVE-2022-42424 and CVE-2022-42425)
1011659 - VMware vCenter Server Denial of Service Vulnerability (CVE-2022-31698)


Zoho ManageEngine
1011652* - Zoho ManageEngine Multiple Products SQL Injection Vulnerability (CVE-2022-43671)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1010465* - Auditd - Mitre ATT&CK TA0007: Discovery