Deep Security Center
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1011704* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-47503)
DCERPC Services - Client
1011517* - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (DogWalk) Over SMB (CVE-2022-34713)
SNMP Server
1011647* - Net-SNMP NULL Pointer Dereference Vulnerability (CVE-2022-44792)
SolarWinds Orion Platform
1011762 - SolarWinds Network Performance Monitor Command Injection Vulnerability (CVE-2022-36963)
Web Application Common
1011718 - ThinkPHP SQL Injection Vulnerability (CVE-2021-44350)
Web Application PHP Based
1011754 - WordPress 'Duplicator' Plugin Information Disclosure Vulnerability (CVE-2022-2551)
Web Server Common
1011755 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2022-48426)
1011752 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2022-48428)
Web Server HTTPS
1011749 - rConfig 'ajaxCompareGetCmdDates.php' SQL Injection Vulnerability (CVE-2022-45030)
Web Server Miscellaneous
1011456* - Atlassian Confluence And Data Center Remote Code Execution Vulnerability (CVE-2022-26134)
1011759 - Ivanti Avalanche Arbitrary File Upload Vulnerability (CVE-2023-28128)
1011756 - XWiki Code Injection Vulnerability (CVE-2023-29525)
Zoho ManageEngine ServiceDesk Plus_MSP
1011751 - Zoho ManageEngine ServiceDesk Plus Cross-Site Scripting Vulnerability (CVE-2023-23074)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1011704* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-47503)
DCERPC Services - Client
1011517* - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (DogWalk) Over SMB (CVE-2022-34713)
SNMP Server
1011647* - Net-SNMP NULL Pointer Dereference Vulnerability (CVE-2022-44792)
SolarWinds Orion Platform
1011762 - SolarWinds Network Performance Monitor Command Injection Vulnerability (CVE-2022-36963)
Web Application Common
1011718 - ThinkPHP SQL Injection Vulnerability (CVE-2021-44350)
Web Application PHP Based
1011754 - WordPress 'Duplicator' Plugin Information Disclosure Vulnerability (CVE-2022-2551)
Web Server Common
1011755 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2022-48426)
1011752 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2022-48428)
Web Server HTTPS
1011749 - rConfig 'ajaxCompareGetCmdDates.php' SQL Injection Vulnerability (CVE-2022-45030)
Web Server Miscellaneous
1011456* - Atlassian Confluence And Data Center Remote Code Execution Vulnerability (CVE-2022-26134)
1011759 - Ivanti Avalanche Arbitrary File Upload Vulnerability (CVE-2023-28128)
1011756 - XWiki Code Injection Vulnerability (CVE-2023-29525)
Zoho ManageEngine ServiceDesk Plus_MSP
1011751 - Zoho ManageEngine ServiceDesk Plus Cross-Site Scripting Vulnerability (CVE-2023-23074)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DNS Client
1011748 - Identified Cobalt Strike DNS Beacon Runtime Detection - 1
1011753 - Identified Cobalt Strike DNS Beacon Runtime Detection - 2
Web Application PHP Based
1011736 - OpenCATS Cross-Site Scripting Vulnerability (CVE-2023-27293)
1011747 - WordPress 'Metform Elementor Contact Form Builder' Plugin Cross-Site Scripting Vulnerability (CVE-2023-0084)
Web Client Common
1011080* - Microsoft Multiple Products Remote Code Execution Vulnerability (CVE-2021-43209 and CVE-2022-44692)
Web Server Apache
1011750 - Apache HTTP Server Request Smuggling Vulnerability (CVE-2023-25690)
Web Server Miscellaneous
1011757 - XWiki Code Injection Vulnerability (CVE-2023-29516)
Web Server SharePoint
1011730 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2022-29108)
Zoho ManageEngine ServiceDesk Plus_MSP
1011745 - Zoho ManageEngine ServiceDesk Plus Cross Site Scripting Vulnerability (CVE-2023-23077)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DNS Client
1011748 - Identified Cobalt Strike DNS Beacon Runtime Detection - 1
1011753 - Identified Cobalt Strike DNS Beacon Runtime Detection - 2
Web Application PHP Based
1011736 - OpenCATS Cross-Site Scripting Vulnerability (CVE-2023-27293)
1011747 - WordPress 'Metform Elementor Contact Form Builder' Plugin Cross-Site Scripting Vulnerability (CVE-2023-0084)
Web Client Common
1011080* - Microsoft Multiple Products Remote Code Execution Vulnerability (CVE-2021-43209 and CVE-2022-44692)
Web Server Apache
1011750 - Apache HTTP Server Request Smuggling Vulnerability (CVE-2023-25690)
Web Server Miscellaneous
1011757 - XWiki Code Injection Vulnerability (CVE-2023-29516)
Web Server SharePoint
1011730 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2022-29108)
Zoho ManageEngine ServiceDesk Plus_MSP
1011745 - Zoho ManageEngine ServiceDesk Plus Cross Site Scripting Vulnerability (CVE-2023-23077)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1011704* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-47503)
1011703* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2023-23836)
HP Intelligent Management Center (IMC)
1011687* - HPE Intelligent Management Center 'getAddFormBean' Remote Code Execution Vulnerability (CVE-2019-5352)
1011688* - HPE Intelligent Management Center 'getInsListBean' Remote Code Execution Vulnerability (CVE-2019-5354)
Ivanti Avalanche
1011655* - Ivanti Avalanche Directory Traversal Vulnerability (CVE-2022-36981)
OpenTSDB
1011696* - OpenTSDB Command Injection Vulnerability (CVE-2020-35476)
Oracle E-Business Suite Web Interface
1011709* - Oracle E-Business Suite Web Applications Desktop Integrator Directory Traversal Vulnerability (CVE-2022-39428)
Redis Server
1011715* - Redis Integer Overflow Vulnerability (CVE-2023-22458)
Trend Micro Mobile Security Server
1011746 - Trend Micro Mobile Security Server File Deletion Vulnerability (CVE-2023-32521 and CVE-2023-32522)
1011742 - Trend Micro Mobile Security Server Information Disclosure Vulnerability
Web Application Common
1006193 - Generic SQL Injection Prevention - 3
1011743 - pgAdmin Import Servers Directory Traversal Vulnerability (CVE-2023-0241)
Web Application PHP Based
1011702* - Froxlor Arbitrary File Overwrite Vulnerability (CVE-2023-0315)
Web Application Ruby Based
1011705* - Grafana Stored Cross-Site Scripting Vulnerability (CVE-2023-0507)
Web Client Common
1011694* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB23-01)
Web Server Adobe ColdFusion
1011558* - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2022-38418)
Web Server HTTPS
1011673* - Cacti Command Injection Vulnerability (CVE-2022-46169)
1011503* - EnterpriseDT CompleteFTP Server Arbitrary File Deletion Vulnerability (CVE-2022-2560)
Web Server Miscellaneous
1011403* - Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)
1011677* - Contec CONPROSYS HMI System Command Injection Vulnerability (CVE-2022-44456)
1011713* - XWiki Code Injection Vulnerability (CVE-2023-26475)
Web Server Oracle
1011716* - Oracle Weblogic Server Insecure Deserialization Vulnerability (CVE-2023-21839)
Zabbix Server
1011698* - Zabbix Server Arbitrary File Read Vulnerability (CVE-2022-46768)
cPanel
1011744 - cPanel Cross-Site Scripting Vulnerability (CVE-2023-29489)
dotCMS
1011460* - dotCMS Directory Traversal Vulnerability (CVE-2022-26352)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1011704* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-47503)
1011703* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2023-23836)
HP Intelligent Management Center (IMC)
1011687* - HPE Intelligent Management Center 'getAddFormBean' Remote Code Execution Vulnerability (CVE-2019-5352)
1011688* - HPE Intelligent Management Center 'getInsListBean' Remote Code Execution Vulnerability (CVE-2019-5354)
Ivanti Avalanche
1011655* - Ivanti Avalanche Directory Traversal Vulnerability (CVE-2022-36981)
OpenTSDB
1011696* - OpenTSDB Command Injection Vulnerability (CVE-2020-35476)
Oracle E-Business Suite Web Interface
1011709* - Oracle E-Business Suite Web Applications Desktop Integrator Directory Traversal Vulnerability (CVE-2022-39428)
Redis Server
1011715* - Redis Integer Overflow Vulnerability (CVE-2023-22458)
Trend Micro Mobile Security Server
1011746 - Trend Micro Mobile Security Server File Deletion Vulnerability (CVE-2023-32521 and CVE-2023-32522)
1011742 - Trend Micro Mobile Security Server Information Disclosure Vulnerability
Web Application Common
1006193 - Generic SQL Injection Prevention - 3
1011743 - pgAdmin Import Servers Directory Traversal Vulnerability (CVE-2023-0241)
Web Application PHP Based
1011702* - Froxlor Arbitrary File Overwrite Vulnerability (CVE-2023-0315)
Web Application Ruby Based
1011705* - Grafana Stored Cross-Site Scripting Vulnerability (CVE-2023-0507)
Web Client Common
1011694* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB23-01)
Web Server Adobe ColdFusion
1011558* - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2022-38418)
Web Server HTTPS
1011673* - Cacti Command Injection Vulnerability (CVE-2022-46169)
1011503* - EnterpriseDT CompleteFTP Server Arbitrary File Deletion Vulnerability (CVE-2022-2560)
Web Server Miscellaneous
1011403* - Apache Struts2 Remote Code Execution Vulnerability (CVE-2021-31805)
1011677* - Contec CONPROSYS HMI System Command Injection Vulnerability (CVE-2022-44456)
1011713* - XWiki Code Injection Vulnerability (CVE-2023-26475)
Web Server Oracle
1011716* - Oracle Weblogic Server Insecure Deserialization Vulnerability (CVE-2023-21839)
Zabbix Server
1011698* - Zabbix Server Arbitrary File Read Vulnerability (CVE-2022-46768)
cPanel
1011744 - cPanel Cross-Site Scripting Vulnerability (CVE-2023-29489)
dotCMS
1011460* - dotCMS Directory Traversal Vulnerability (CVE-2022-26352)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
NFS Server
1011740 - Microsoft Windows Network File System Remote Code Execution Vulnerability (CVE-2023-24941)
Web Client Common
1011710* - Foxit PDF Reader And Editor Use After Free Vulnerability (CVE-2023-27329)
1011711* - Foxit PDF Reader And Editor Use After Free Vulnerability (CVE-2023-27331)
Zoho ManageEngine
1011735 - Zoho ManageEngine Applications Manager Stored Cross-Site Scripting Vulnerability (CVE-2023-28341)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1009771* - Microsoft Windows Sysmon Events - 1
Deep Packet Inspection Rules:
NFS Server
1011740 - Microsoft Windows Network File System Remote Code Execution Vulnerability (CVE-2023-24941)
Web Client Common
1011710* - Foxit PDF Reader And Editor Use After Free Vulnerability (CVE-2023-27329)
1011711* - Foxit PDF Reader And Editor Use After Free Vulnerability (CVE-2023-27331)
Zoho ManageEngine
1011735 - Zoho ManageEngine Applications Manager Stored Cross-Site Scripting Vulnerability (CVE-2023-28341)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1009771* - Microsoft Windows Sysmon Events - 1
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1011660* - Linux Kernel KSMBD Denial Of Service Vulnerability (CVE-2023-0210)
Redis Server
1011555* - Redis Integer Overflow Vulnerability (CVE-2022-35951)
Web Application PHP Based
1011714 - WordPress 'Paid Memberships Pro' Plugin Cross-Site Scripting Vulnerability (CVE-2022-4830)
Web Client Common
1011725 - Microsoft Windows Contacts Remote Code Execution Vulnerability (CVE-2022-44666)
Web Client HTTPS
1011699* - GitLab Remote Code Execution Vulnerability (CVE-2022-2884)
1011684* - GitLab Remote Code Execution Vulnerability (CVE-2022-2992)
Web Server HTTPS
1011565* - Centreon 'Poller Broker' SQL Injection Vulnerabilities (CVE-2022-42424 and CVE-2022-42425)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011728 - Microsoft Azure Active Directory Password Protection
Deep Packet Inspection Rules:
DCERPC Services
1011660* - Linux Kernel KSMBD Denial Of Service Vulnerability (CVE-2023-0210)
Redis Server
1011555* - Redis Integer Overflow Vulnerability (CVE-2022-35951)
Web Application PHP Based
1011714 - WordPress 'Paid Memberships Pro' Plugin Cross-Site Scripting Vulnerability (CVE-2022-4830)
Web Client Common
1011725 - Microsoft Windows Contacts Remote Code Execution Vulnerability (CVE-2022-44666)
Web Client HTTPS
1011699* - GitLab Remote Code Execution Vulnerability (CVE-2022-2884)
1011684* - GitLab Remote Code Execution Vulnerability (CVE-2022-2992)
Web Server HTTPS
1011565* - Centreon 'Poller Broker' SQL Injection Vulnerabilities (CVE-2022-42424 and CVE-2022-42425)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011728 - Microsoft Azure Active Directory Password Protection
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
PaperCut
1011731* - PaperCut NG Authentication Bypass Vulnerability (CVE-2023-27350)
1011732 - PaperCut NG Authentication Bypass Vulnerability (CVE-2023-27351)
1011733 - PaperCut NG Remote Code Execution Vulnerability (ZDI-CAN-20965)
Solr Service
1010063* - Apache Solr 'Velocity Template' Command Injection Vulnerability (CVE-2020-13936)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
PaperCut
1011731* - PaperCut NG Authentication Bypass Vulnerability (CVE-2023-27350)
1011732 - PaperCut NG Authentication Bypass Vulnerability (CVE-2023-27351)
1011733 - PaperCut NG Remote Code Execution Vulnerability (ZDI-CAN-20965)
Solr Service
1010063* - Apache Solr 'Velocity Template' Command Injection Vulnerability (CVE-2020-13936)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Ivanti Avalanche Remote Control Server
1011719 - Ivanti Avalanche Authentication Bypass Vulnerability (CVE-2022-44574)
PaperCut
1011731 - PaperCut NG Authentication Bypass Vulnerability (CVE-2023-27350)
Web Server Adobe ColdFusion
1011558* - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2022-38418)
Web Server HTTPS
1011726 - Contec CONPROSYS HMI System SQL Injection Vulnerability (CVE-2023-1658)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Ivanti Avalanche Remote Control Server
1011719 - Ivanti Avalanche Authentication Bypass Vulnerability (CVE-2022-44574)
PaperCut
1011731 - PaperCut NG Authentication Bypass Vulnerability (CVE-2023-27350)
Web Server Adobe ColdFusion
1011558* - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2022-38418)
Web Server HTTPS
1011726 - Contec CONPROSYS HMI System SQL Injection Vulnerability (CVE-2023-1658)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Atlassian Bitbucket
1011658* - Atlassian Bitbucket Server and Data Center Command Injection Vulnerability (CVE-2022-43781)
DCERPC Services - Client
1011436* - Microsoft Windows RPC Remote Code Execution Vulnerability Over SMB (CVE-2022-26809)
1011459* - Microsoft Windows RPC Remote Code Execution Vulnerability Over TCP (CVE-2022-26809)
Unix Samba
1011717* - Linux Kernel KSMBD Use After Free Vulnerability (CVE-2022-47939)
Web Application PHP Based
1008148* - WordPress Ninja Forms Unauthenticated File Upload Vulnerability (CVE-2016-1209)
Web Server Common
1008621* - Disallow Upload Of A JSP File (ATT&CK T1190)
Web Server SharePoint
1011727 - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2023-28288)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Atlassian Bitbucket
1011658* - Atlassian Bitbucket Server and Data Center Command Injection Vulnerability (CVE-2022-43781)
DCERPC Services - Client
1011436* - Microsoft Windows RPC Remote Code Execution Vulnerability Over SMB (CVE-2022-26809)
1011459* - Microsoft Windows RPC Remote Code Execution Vulnerability Over TCP (CVE-2022-26809)
Unix Samba
1011717* - Linux Kernel KSMBD Use After Free Vulnerability (CVE-2022-47939)
Web Application PHP Based
1008148* - WordPress Ninja Forms Unauthenticated File Upload Vulnerability (CVE-2016-1209)
Web Server Common
1008621* - Disallow Upload Of A JSP File (ATT&CK T1190)
Web Server SharePoint
1011727 - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2023-28288)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Redis Server
1011555* - Redis Integer Overflow Vulnerability (CVE-2022-35951)
Web Application PHP Based
1011689* - LibreNMS Cross-Site Scripting Vulnerability (CVE-2022-4069)
Web Client HTTPS
1011684* - GitLab Remote Code Execution Vulnerability (CVE-2022-2992)
Web Server Common
1011690* - dotCMS Directory Traversal Vulnerability (CVE-2022-45783)
Windows SMB Server
1011717 - Linux Kernel KSMBD Use After Free Vulnerability (CVE-2022-47939)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Redis Server
1011555* - Redis Integer Overflow Vulnerability (CVE-2022-35951)
Web Application PHP Based
1011689* - LibreNMS Cross-Site Scripting Vulnerability (CVE-2022-4069)
Web Client HTTPS
1011684* - GitLab Remote Code Execution Vulnerability (CVE-2022-2992)
Web Server Common
1011690* - dotCMS Directory Traversal Vulnerability (CVE-2022-45783)
Windows SMB Server
1011717 - Linux Kernel KSMBD Use After Free Vulnerability (CVE-2022-47939)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Apache Kylin
1011685* - Apache Kylin Command Injection Vulnerability (CVE-2022-43396)
IPSec-IKE
1011669* - Microsoft Windows Internet Key Exchange (IKE) Protocol Extensions Denial Of Service Vulnerability (CVE-2023-21547)
Redis Server
1011715 - Redis Integer Overflow Vulnerability (CVE-2023-22458)
Web Application PHP Based
1011708 - WordPress 'WP Statistics' Plugin SQL Injection Vulnerability (CVE-2022-4230)
Web Client Common
1010907* - Microsoft Print 3D And 3D Builder Remote Code Execution Vulnerability (ZDI-21-405 and ZDI-23-364)
1011442* - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (Follina) (CVE-2022-30190)
Web Client HTTPS
1011699* - GitLab Remote Code Execution Vulnerability (CVE-2022-2884)
Web Server Adobe ColdFusion
1011558* - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2022-38418)
Web Server HTTPS
1011503 - EnterpriseDT CompleteFTP Server Arbitrary File Deletion Vulnerability (CVE-2022-2560)
Web Server Miscellaneous
1011712 - Jenkins 'Pipeline Build Step' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2023-25762)
Web Server Oracle
1011716 - Oracle Weblogic Server Insecure Deserialization Vulnerability (CVE-2023-21839)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Apache Kylin
1011685* - Apache Kylin Command Injection Vulnerability (CVE-2022-43396)
IPSec-IKE
1011669* - Microsoft Windows Internet Key Exchange (IKE) Protocol Extensions Denial Of Service Vulnerability (CVE-2023-21547)
Redis Server
1011715 - Redis Integer Overflow Vulnerability (CVE-2023-22458)
Web Application PHP Based
1011708 - WordPress 'WP Statistics' Plugin SQL Injection Vulnerability (CVE-2022-4230)
Web Client Common
1010907* - Microsoft Print 3D And 3D Builder Remote Code Execution Vulnerability (ZDI-21-405 and ZDI-23-364)
1011442* - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (Follina) (CVE-2022-30190)
Web Client HTTPS
1011699* - GitLab Remote Code Execution Vulnerability (CVE-2022-2884)
Web Server Adobe ColdFusion
1011558* - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2022-38418)
Web Server HTTPS
1011503 - EnterpriseDT CompleteFTP Server Arbitrary File Deletion Vulnerability (CVE-2022-2560)
Web Server Miscellaneous
1011712 - Jenkins 'Pipeline Build Step' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2023-25762)
Web Server Oracle
1011716 - Oracle Weblogic Server Insecure Deserialization Vulnerability (CVE-2023-21839)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Featured Stories
Unveiling AI Agent Vulnerabilities Part V: Securing LLM ServicesTo conclude our series on agentic AI, this article examines emerging vulnerabilities that threaten AI agents, focusing on providing proactive security recommendations on areas such as code execution, data exfiltration, and database access.Read more
Unveiling AI Agent Vulnerabilities Part IV: Database Access VulnerabilitiesHow can attackers exploit weaknesses in database-enabled AI agents? This research explores how SQL generation vulnerabilities, stored prompt injection, and vector store poisoning can be weaponized by attackers for fraudulent activities.Read more
The Mirage of AI Programming: Hallucinations and Code IntegrityThe adoption of large language models (LLMs) and Generative Pre-trained Transformers (GPTs), such as ChatGPT, by leading firms like Microsoft, Nuance, Mix and Google CCAI Insights, drives the industry towards a series of transformative changes. As the use of these new technologies becomes prevalent, it is important to understand their key behavior, advantages, and the risks they present.Read more
Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more