Rule Update
23-021 (May 16, 2023)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1011704* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-47503)
1011703* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2023-23836)
HP Intelligent Management Center (IMC)
1011687* - HPE Intelligent Management Center 'getAddFormBean' Remote Code Execution Vulnerability (CVE-2019-5352)
1011688* - HPE Intelligent Management Center 'getInsListBean' Remote Code Execution Vulnerability (CVE-2019-5354)
Ivanti Avalanche
1011655* - Ivanti Avalanche Directory Traversal Vulnerability (CVE-2022-36981)
OpenTSDB
1011696* - OpenTSDB Command Injection Vulnerability (CVE-2020-35476)
Oracle E-Business Suite Web Interface
1011709* - Oracle E-Business Suite Web Applications Desktop Integrator Directory Traversal Vulnerability (CVE-2022-39428)
Redis Server
1011715* - Redis Integer Overflow Vulnerability (CVE-2023-22458)
Trend Micro Mobile Security Server
1011746 - Trend Micro Mobile Security Server File Deletion Vulnerability (CVE-2023-32521 and CVE-2023-32522)
1011742 - Trend Micro Mobile Security Server Information Disclosure Vulnerability
Web Application Common
1006193 - Generic SQL Injection Prevention - 3
1011743 - pgAdmin Import Servers Directory Traversal Vulnerability (CVE-2023-0241)
Web Application PHP Based
1011702* - Froxlor Arbitrary File Overwrite Vulnerability (CVE-2023-0315)
Web Application Ruby Based
1011705* - Grafana Stored Cross-Site Scripting Vulnerability (CVE-2023-0507)
Web Client Common
1011694* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB23-01)
Web Server Adobe ColdFusion
1011558* - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2022-38418)
Web Server HTTPS
1011673* - Cacti Command Injection Vulnerability (CVE-2022-46169)
1011503* - EnterpriseDT CompleteFTP Server Arbitrary File Deletion Vulnerability (CVE-2022-2560)
Web Server Miscellaneous
1011403* - Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)
1011677* - Contec CONPROSYS HMI System Command Injection Vulnerability (CVE-2022-44456)
1011713* - XWiki Code Injection Vulnerability (CVE-2023-26475)
Web Server Oracle
1011716* - Oracle Weblogic Server Insecure Deserialization Vulnerability (CVE-2023-21839)
Zabbix Server
1011698* - Zabbix Server Arbitrary File Read Vulnerability (CVE-2022-46768)
cPanel
1011744 - cPanel Cross-Site Scripting Vulnerability (CVE-2023-29489)
dotCMS
1011460* - dotCMS Directory Traversal Vulnerability (CVE-2022-26352)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1011704* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-47503)
1011703* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2023-23836)
HP Intelligent Management Center (IMC)
1011687* - HPE Intelligent Management Center 'getAddFormBean' Remote Code Execution Vulnerability (CVE-2019-5352)
1011688* - HPE Intelligent Management Center 'getInsListBean' Remote Code Execution Vulnerability (CVE-2019-5354)
Ivanti Avalanche
1011655* - Ivanti Avalanche Directory Traversal Vulnerability (CVE-2022-36981)
OpenTSDB
1011696* - OpenTSDB Command Injection Vulnerability (CVE-2020-35476)
Oracle E-Business Suite Web Interface
1011709* - Oracle E-Business Suite Web Applications Desktop Integrator Directory Traversal Vulnerability (CVE-2022-39428)
Redis Server
1011715* - Redis Integer Overflow Vulnerability (CVE-2023-22458)
Trend Micro Mobile Security Server
1011746 - Trend Micro Mobile Security Server File Deletion Vulnerability (CVE-2023-32521 and CVE-2023-32522)
1011742 - Trend Micro Mobile Security Server Information Disclosure Vulnerability
Web Application Common
1006193 - Generic SQL Injection Prevention - 3
1011743 - pgAdmin Import Servers Directory Traversal Vulnerability (CVE-2023-0241)
Web Application PHP Based
1011702* - Froxlor Arbitrary File Overwrite Vulnerability (CVE-2023-0315)
Web Application Ruby Based
1011705* - Grafana Stored Cross-Site Scripting Vulnerability (CVE-2023-0507)
Web Client Common
1011694* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB23-01)
Web Server Adobe ColdFusion
1011558* - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2022-38418)
Web Server HTTPS
1011673* - Cacti Command Injection Vulnerability (CVE-2022-46169)
1011503* - EnterpriseDT CompleteFTP Server Arbitrary File Deletion Vulnerability (CVE-2022-2560)
Web Server Miscellaneous
1011403* - Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)
1011677* - Contec CONPROSYS HMI System Command Injection Vulnerability (CVE-2022-44456)
1011713* - XWiki Code Injection Vulnerability (CVE-2023-26475)
Web Server Oracle
1011716* - Oracle Weblogic Server Insecure Deserialization Vulnerability (CVE-2023-21839)
Zabbix Server
1011698* - Zabbix Server Arbitrary File Read Vulnerability (CVE-2022-46768)
cPanel
1011744 - cPanel Cross-Site Scripting Vulnerability (CVE-2023-29489)
dotCMS
1011460* - dotCMS Directory Traversal Vulnerability (CVE-2022-26352)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Featured Stories
Unveiling AI Agent Vulnerabilities Part V: Securing LLM ServicesTo conclude our series on agentic AI, this article examines emerging vulnerabilities that threaten AI agents, focusing on providing proactive security recommendations on areas such as code execution, data exfiltration, and database access.Read more
Unveiling AI Agent Vulnerabilities Part IV: Database Access VulnerabilitiesHow can attackers exploit weaknesses in database-enabled AI agents? This research explores how SQL generation vulnerabilities, stored prompt injection, and vector store poisoning can be weaponized by attackers for fraudulent activities.Read more
The Mirage of AI Programming: Hallucinations and Code IntegrityThe adoption of large language models (LLMs) and Generative Pre-trained Transformers (GPTs), such as ChatGPT, by leading firms like Microsoft, Nuance, Mix and Google CCAI Insights, drives the industry towards a series of transformative changes. As the use of these new technologies becomes prevalent, it is important to understand their key behavior, advantages, and the risks they present.Read more
Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more