23-014 (April 4, 2023)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Apache Kylin
1011685* - Apache Kylin Command Injection Vulnerability (CVE-2022-43396)


IPSec-IKE
1011669* - Microsoft Windows Internet Key Exchange (IKE) Protocol Extensions Denial Of Service Vulnerability (CVE-2023-21547)


Redis Server
1011715 - Redis Integer Overflow Vulnerability (CVE-2023-22458)


Web Application PHP Based
1011708 - WordPress 'WP Statistics' Plugin SQL Injection Vulnerability (CVE-2022-4230)


Web Client Common
1010907* - Microsoft Print 3D And 3D Builder Remote Code Execution Vulnerability (ZDI-21-405 and ZDI-23-364)
1011442* - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (Follina) (CVE-2022-30190)


Web Client HTTPS
1011699* - GitLab Remote Code Execution Vulnerability (CVE-2022-2884)


Web Server Adobe ColdFusion
1011558* - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2022-38418)


Web Server HTTPS
1011503 - EnterpriseDT CompleteFTP Server Arbitrary File Deletion Vulnerability (CVE-2022-2560)


Web Server Miscellaneous
1011712 - Jenkins 'Pipeline Build Step' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2023-25762)


Web Server Oracle
1011716 - Oracle Weblogic Server Insecure Deserialization Vulnerability (CVE-2023-21839)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.