IPS Signature Database Update
Name | ips.sig | |||
Version | 3.0.222 | |||
StoneOS | Firewall 5.5R8P2 or above, and NIPS/IDS 5.5R5-3.5 or above, and BDS 5.5R8-3.3 or above | |||
Release Date | 2024-09-02 | |||
New Signature (40) |
Rule ID | Rule Name | StoneOS | Detail |
338380 | Sophos Firewall User Portal and Webadmin Code Injection Vulnerability (CVE-2022-3236) | 5.0R4 or above | click for more information | |
338349 | Wordpress Plugin JS Help Desk Remote Code Execution Vulnerability (CVE-2024-7094) | 5.5R8 or above | click for more information | |
338359 | Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) | 5.0R4 or above | click for more information | |
338369 | Microsoft Exchange Server Arbitrary File Write Vulnerability (CVE-2021-26858) | 5.0R4 or above | click for more information | |
338366 | Google Chrome V8 Heap Corruption Vulnerability (CVE-2020-16009) | 5.0R4 or above | click for more information | |
338376 | Nice Linear eMerge E3-Series OS Command Injection Vulnerability (CVE-2019-7256) | 5.5R5 or above | click for more information | |
338345 | GiveWP PHP Object Injection Vulnerability (CVE-2024-5932) | 5.5R5 or above | click for more information | |
338362 | IBM Spectrum Protect Plus uploadHttpsCertificate Command Injection Vulnerability (CVE-2020-4241) | 5.0R4 or above | click for more information | |
338372 | OpenEMR Backup.php Command Injection Vulnerability (CVE-2020-36243) | 5.5R5 or above | click for more information | |
338383 | Oracle Business Intelligence Enterprise Edition Information Disclosure Vulnerability (CVE-2020-14864) | 5.0R4 or above | click for more information | |
338348 | DIAEnergie RecalculateHDMWYC Unauthenticated SQL Injection Vulnerability (CVE-2024-4548) | 5.0R4 or above | click for more information | |
338368 | WordPress Cross Site Request Forgery Remote Code Execution Vulnerability (CVE-2019-9787) | 5.0R4 or above | click for more information | |
338379 | Realtek SDK Management Command Injection Vulnerability (CVE-2021-35395) | 5.5R5 or above | click for more information | |
338354 | Weaver Ecology9 ModeDateService SQL Injection Vulnerability | 5.5R8 or above | click for more information | |
332462 | IBM Spectrum Protect Plus hostname Command Injection Vulnerability (CVE-2020-4211) | 5.5R5 or above | click for more information | |
338365 | Microsoft SharePoint ValidateTokenIssuer Authentication Bypass Vulnerability (CVE-2023-29357) | 5.0R4 or above | click for more information | |
338375 | Netgate pfSense restore_rrddata Command Injection Vulnerability (CVE-2023-27253) | 5.0R4 or above | click for more information | |
338385 | Zoho Desktop Central Authentication Bypass Vulnerability (CVE-2021-44515) | 5.0R4 or above | click for more information | |
338382 | Apache Airflow Experimental API Authentication Bypass Vulnerability (CVE-2020-13927) | 5.0R4 or above | click for more information | |
338351 | Yonyou CRM help.php Arbitrary File Read Vulnerability | 5.5R8 or above | click for more information | |
...... | ||||
Updated Signature (15) |
Rule ID | Rule Name | StoneOS | Detail |
336802 | Sophos Firewall User Portal and Webadmin Authentication Bypass Remote Code Execution Vulnerability (CVE-2022-1040) | 5.5R5 or above | Click here for more information | |
337849 | JetBrains TeamCity Authentication Bypass Vulnerability (CVE-2024-27198) | 5.0R4 or above | Click here for more information | |
333878 | Microsoft Exchange Remote Code Execution Vulnerability (CVE-2021-34473) | 5.0R4 or above | Click here for more information | |
337846 | Ivanti Connect Secure VPN Server-side Request Forge Vulnerability (CVE-2024-21893) | 5.0R4 or above | Click here for more information | |
332445 | SaltStack Salt API SSH Client Command Injection Vulnerability (CVE-2020-16846) | 5.5R5 or above | Click here for more information | |
337739 | Apache Ofbiz 18.12.09 Remote Code Execution Vulnerability (CVE-2023-49070) | 5.0R4 or above | Click here for more information | |
333758 | Suspected APT32/OceanLotus Activity | 5.5R5 or above | Click here for more information | |
334123 | Sitecore Experience Platform XP PreAuth Deserialization Vulnerability (CVE-2021-42237) | 5.0R4 or above | Click here for more information | |
337705 | Atlassian Confluence Unauthorized Access Vulnerability (CVE-2023-22518) | 5.0R4 or above | Click here for more information | |
338003 | Cisco IOS XE Web UI Privilege Escalation Vulnerability (CVE-2023-20198) | 5.0R4 or above | Click here for more information | |
333638 | Yealink Remote Code Execution Vulnerability (CVE-2021-27561) | 5.0R4 or above | Click here for more information | |
337319 | CentOS Web Panel Command Injection Vulnerability (CVE-2022-44877) | 5.0R4 or above | Click here for more information | |
337867 | Atlassian Confluence Arbitrary Command Execution Vulnerability (CVE-2023-22527) | 5.0R4 or above | Click here for more information | |
716907 | Apache ActiveMQ Remote Code Execution Vulnerability (CVE-2023-46604) | 5.5R5 or above | Click here for more information | |
334257 | Nagios XI WatchGuard Wizard Watchguard.inc.php Command Injection Vulnerability (CVE-2021-37346) | 5.5R5 or above | Click here for more information | |