IPS Signature Database Update
| Name | ips.sig | |||
| Version | 3.0.196 | |||
| StoneOS | Firewall 5.5R8P2 or above, and NIPS/IDS 5.5R5-3.5 or above, and BDS 5.5R8-3.3 or above | |||
| Release Date | 2024-03-04 | |||
| New Signature (13) |
Rule ID | Rule Name | StoneOS | Detail |
| 337826 | ImageMagick 7.1.0-51 Arbitrary File Reading Vulnerability (CVE-2022-44268) | 5.0R4 or above | click for more information | |
| 337827 | ImageMagick 7.1.0-51 Denial of Service Vulnerability (CVE-2022-44267) | 5.0R4 or above | click for more information | |
| 337824 | WordPress Bricks Builder Unauthenticated Remote Code Execution Vulnerability (CVE-2024-25600) | 5.5R5 or above | click for more information | |
| 337825 | Zoho ManageEngine Multiple Products SAMLResponse Remote Code Execution Vulnerability (CVE-2022-47966) | 5.5R5 or above | click for more information | |
| 322708 | Apache Http2 Null Pointer Dereference Vulnerability (CVE-2017-7659) | 5.5R8 or above | click for more information | |
| 337342 | F5 BIG-IP iControl iControlPortal.cgi Format String Vulnerability(CVE-2023-22374) | 5.0R4 or above | click for more information | |
| 337823 | WordPress Bricks Builder Unauthenticated Remote Code Execution Vulnerability (CVE-2024-25600) | 5.0R4 or above | click for more information | |
| 334121 | Apache httpd mod_auth_digest Memory Access Denial of Service Vulnerability (CVE-2017-9788) | 5.5R8 or above | click for more information | |
| 331187 | Microsoft Windows Windows Script Host Command Injection Vulnerability (CVE-2018-8495) | 5.0R4 or above | click for more information | |
| 505883 | Microsoft Outlook Remote Code Execution Vulnerability (CVE-2024-21413) | 5.5R5 or above | click for more information | |
| 332250 | Apache HTTPD mod_http2 Null Pointer Dereference Vulnerability (CVE-2017-7659) | 5.5R5 or above | click for more information | |
| 337828 | Lost and Found Information System v1.0 Account Take Over Vulnerability (CVE-2023-38965) | 5.0R4 or above | click for more information | |
| 337829 | ManageEngine ADManager Plus Recovery Password Disclosure Vulnerability (CVE-2023-31492) | 5.0R4 or above | click for more information | |
| Updated Signature (10) |
Rule ID | Rule Name | StoneOS | Detail |
| 330371 | TP-Link Sysname OS Command Injection Vulnerability (CVE-2020-12109) | 5.5R5 or above | Click here for more information | |
| 333453 | SonarQube Api Information Disclosure Vulnerability (CVE-2020-27986) | 5.0R4 or above | Click here for more information | |
| 335287 | FasterXML Jackson-databind Remote Code Execution Vulnerability (CVE-2020-11113) | 5.5R5 or above | Click here for more information | |
| 337010 | PHP File Upload Detection | 5.0R4 or above | Click here for more information | |
| 320521 | Microsoft Internet Explorer and Edge Information Disclosure Vulnerability (CVE-2017-0009) | 5.0R4 or above | Click here for more information | |
| 332124 | Oracle WebLogic Remote Code Execution Vulnerability (CVE-2021-2109) | 5.0R4 or above | Click here for more information | |
| 333892 | PhpStudy php_xmlrpc.dll Backdoor Detected | 5.5R4 or above | Click here for more information | |
| 335239 | Insecure Java Deserialization Class JndiConverter Detection | 5.5R5 or above | Click here for more information | |
| 336964 | Docker Daemon API Unauthorized Remote Code Execution Vulnerability | 5.0R4 or above | Click here for more information | |
| 331406 | Oracle WebLogic Server Authorization Bypass Vulnerability (CVE-2020-14882 CVE-2020-14750) | 5.0R4 or above | Click here for more information | |