Rule Update

20-019 (April 21, 2020)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1010214 - Identified Trend Micro ApexOne Backup Folder Access


HP System Management Homepage
1010221 - HPE System Management Homepage Remote Denial of Service Vulnerability (CVE-2017-12545)


Microsoft Office
1010230 - Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0906)


Redis Server
1010231 - Redis Cron Remote Code Execution Vulnerability
1009967* - Redis Unauthenticated Code Execution Vulnerability


Web Application Common
1010225 - Liferay Portal Untrusted Deserialization Vulnerability (CVE-2020-7961)


Web Client Common
1010226 - Microsoft Windows JET Database Engine Remote Code Execution Vulnerability (CVE-2020-0953)


Web Server Common
1010080* - Identified Usage Of FreeSWITCH Event Socket Interface


Web Server Oracle
1010223 - Oracle WebLogic Java Messaging Service Unspecified Vulnerability (CVE-2016-0638)


Web Server SharePoint
1010227 - Microsoft SharePoint Scorecards Deserialization Of Untrusted Data Remote Code Execution Vulnerability (CVE-2020-0931)
1010228 - Microsoft SharePoint TypeConverter Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2020-0932)


Integrity Monitoring Rules:

1003168* - Unix - Open Port Monitor


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.