Rule Update

22-061 (December 20, 2022)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Advanced Message Queuing Protocol (AMQP)
1011585* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerabilities (CVE-2022-36957 and CVE-2022-38108)


SolarWinds Information Service
1011631* - SolarWinds Network Performance Monitor Privilege Escalation Vulnerability (CVE-2022-36960)


SolarWinds Orion Platform
1011630 - SolarWinds Network Performance Monitor Command Injection Vulnerability (CVE-2022-36962)


Web Application PHP Based
1011644 - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2022-4067)
1011643 - WordPress 'Limit Login Attempts' Plugin Cross-Site Scripting Vulnerability (CVE-2020-35589)
1011638* - WordPress 'Responsive 3D Slider' Plugin SQL Injection Vulnerability (CVE-2021-24398)
1011637 - WordPress 'Simple School Staff Directory' Plugin Arbitrary File Upload Vulnerability (CVE-2021-24663)
1011632* - WordPress 'Splash Header' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24587)
1011618* - WordPress 'Support Board' Plugin SQL Injection Vulnerability (CVE-2021-24741)
1009644* - WordPress 'W3 Total Cache' Plugin Arbitrary File Read Vulnerability (CVE-2019-6715)
1011622* - WordPress 'WP Dialog' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24600)
1011639* - WordPress 'WP-Board' Plugin SQL Injection Vulnerability (CVE-2021-24404)
1011620* - WordPress Directory Traversal Vulnerability (CVE-2019-8943)


Web Client Zoho ManageEngine
1011627* - Zoho ManageEngine Multiple Products Information Disclosure Vulnerability (CVE-2022-40771)


Web Server HTTPS
1011573* - Centreon 'Poller Broker' SQL Injection Vulnerability (CVE-2022-42429)


Web Server Miscellaneous
1011592* - XWiki Code Injection Vulnerability (CVE-2022-36099)


Zoho ManageEngine
1011549* - Zoho ManageEngine Multiple Products SQL Injection Vulnerability (CVE-2022-40300)


Zoho ManageEngine ServiceDesk Plus_MSP
1011595* - Zoho ManageEngine Multiple Products Privilege Escalation Vulnerability (CVE-2022-40773)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1008792* - Microsoft Windows Security Events - 4

Featured Stories