Rule Update

23-032 (July 25, 2023)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Advanced Message Queuing Protocol (AMQP)
1011585* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerabilities (CVE-2022-36957 and CVE-2022-38108)
1011704* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-47503)


Web Application Common
1011718* - ThinkPHP SQL Injection Vulnerability (CVE-2021-44350)


Web Application PHP Based
1011826 - Roundcube Webmail Command Injection Vulnerability (CVE-2020-12641)
1011435* - ThinkCMF Remote Code Execution Vulnerability


Web Application Ruby Based
1011509* - Grafana Stored Cross-Site Scripting Vulnerability (CVE-2022-31097)


Web Server Apache
1009170* - Apache Server Side Include Cross Site Scripting Vulnerability (CVE-2002-0840)


Web Server Common
1011646* - Apache Airflow Command Injection Vulnerability (CVE-2022-40127)


Web Server HTTPS
1011505* - Node.js HTTP Request Smuggling Vulnerability (CVE-2022-32213)


Web Server Miscellaneous
1011177* - Atlassian Confluence Server Arbitrary File Read Vulnerability (CVE-2021-26085)
1011825 - Jenkins 'File Parameter' Plugin Arbitrary File Write Vulnerability (CVE-2023-32986)


Web Server Oracle
1008688* - Oracle Identity Manager Default Account Vulnerability (CVE-2017-10151)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.