Rule Update

22-044 (September 13, 2022)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Apache Spark
1011499* - Apache Spark Command Injection Vulnerability (CVE-2022-33891)


Directory Server LDAP
1011531 - Microsoft Windows Active Directory Certificate Services Privilege Escalation Vulnerability (CVE-2022-34691)
1011246* - Microsoft Windows Active Directory Domain Services Elevation of Privilege Vulnerability Over LDAP (CVE-2021-42278)


Web Application Common
1011364* - Dolibarr ERP And CRM Code Injection Vulnerability (CVE-2022-0819)


Web Server HTTPS
1011525* - Zimbra Collaboration Cross-Site Scripting Vulnerability (CVE-2022-24682) - Server


Zoho ManageEngine
1011527* - Zoho ManageEngine Multiple Products 'getDNSResolveOption' Command Injection Vulnerability (CVE-2022-37024)
1011526* - Zoho ManageEngine Multiple Products 'getNmapInitialOption' Command Injection Vulnerability (CVE-2022-38772)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1011241* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1011453* - Microsoft Windows WMI Events - 1