IPS Signature Database Update
| Name | ips.sig |
| Version | 3.0.223 |
| StoneOS | Firewall 5.5R8P2 or above, and NIPS/IDS 5.5R5-3.5 or above, and BDS 5.5R8-3.3 or above |
| Release Date | 2024-09-09 |

New Signature (16)

| Rule ID | Rule Name | StoneOS | Detail |
|---|---|---|---|
| 338392 | SPIP porte_plume Plugin Arbitrary Code Execution Vulnerability (CVE-2024-7954) | 5.5R5 or above | click for more information |
| 338393 | Sensitive Directory gitlab-ci.yml Detection | 5.0R4 or above | click for more information |
| 338403 | Apache Ofbiz Unauthenticated Remote Code Execution Vulnerability (CVE-2024-45195) | 5.5R8 or above | click for more information |
| 338390 | Tongxine eHR GetFlowDropDownListItems SQL Injection Vulnerability | 5.5R5 or above | click for more information |
| 338400 | FastJSON 1.2.60 Remote Code Execution Vulnerability | 5.5R5 or above | click for more information |
| 338391 | Eqccd OA UploadFile Arbitrary File Upload Vulnerability | 5.0R4 or above | click for more information |
| 338401 | FastJSON 1.2.60 Remote Code Execution Vulnerability | 5.5R5 or above | click for more information |
| 338388 | G-sky CMSV6 getAlarmAppealByGuid SQL Injection Vulnerability | 5.0R4 or above | click for more information |
| 338398 | Apache Axis 1.4 Remote Code Execution Vulnerability | 5.5R5 or above | click for more information |
| 338389 | Hrsoft eHR GetE01ByDeptCode SQL Injection Vulnerability | 5.0R4 or above | click for more information |
| 338399 | Apache HTTP Server mod_lua Buffer Overflow Vulnerability (CVE-2021-44790) | 5.5R4 or above | click for more information |
| 338396 | H2 Database Console JdbcUtils JNDI Injection Vulnerability (CVE-2021-42392) | 5.5R5 or above | click for more information |
| 338387 | Contec CONPROSYS HMI System chkFormula Command Injection Vulnerability (CVE-2022-44456) | 5.0R4 or above | click for more information |
| 338397 | Apache Axis 1.4 Remote Code Execution Vulnerability | 5.5R5 or above | click for more information |
| 338394 | Apache OFBiz Remote Code Execution Vulnerability (CVE-2024-32113) | 5.0R4 or above | click for more information |
| 338395 | TOTOLINK CP450 Sensitive Information Leakage Vulnerability (CVE-2024-7332) | 5.0R4 or above | click for more information |

Updated Signature (5)

| Rule ID | Rule Name | StoneOS | Detail |
|---|---|---|---|
| 337056 | ES File Explorer File Manager Policy Bypass Vulnerability (CVE-2019-6447) | 5.5R5 or above | Click here for more information |
| 309599 | GNU Bash Environment Variable Handling Command Execution Vulnerability -2 (CVE-2014-6271) | 5.0R4 or above | Click here for more information |
| 708534 | GNU Bash Environment Variable Handling Command Execution Vulnerability -1 (CVE-2014-6271) | 5.0R4 or above | Click here for more information |
| 337138 | Atlassian Bitbucket Server Command Injection Vulnerability (CVE-2022-36804) | 5.5R5 or above | Click here for more information |
| 334126 | Apache Druid JDBC connection properties Remote Code Execution Vulnerability (CVE-2021-26919) | 5.5R5 or above | Click here for more information |