New Filters:
43124: ZDI-CAN-21523: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43125: ZDI-CAN-21535: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43126: ZDI-CAN-21728: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43127: ZDI-CAN-21729: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43128: ZDI-CAN-21730: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43129: ZDI-CAN-21732: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43130: ZDI-CAN-21735: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43131: ZDI-CAN-21738: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43132: ZDI-CAN-21741: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43133: ZDI-CAN-21744: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43134: ZDI-CAN-21745: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43135: ZDI-CAN-21746: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43136: HTTP: Advantech iView ConfigurationServlet SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in Advantech iView.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-3983 CVSS 5.7
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 22, 2023
43137: HTTP: XWiki.org XWiki TipsPanel XWiki.UIExtensionClass Code Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a code injection vulnerability in XWiki.org XWiki.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-35166 CVSS 8.6
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 22, 2023
43146: HTTP: RaspAP cfg_id Unauthenticated Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in RaspAP.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-39986
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 22, 2023
43147: HTTP: RaspAP entity Authenticated Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in RaspAP.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-39987
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 22, 2023
43148: ZDI-CAN-21808: Zero Day Initiative Vulnerability (D-Link G416)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting D-Link G416.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43150: ZDI-CAN-21212: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 6)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Tellus Lite V-Simulator 6.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43151: ZDI-CAN-21612: Zero Day Initiative Vulnerability (Visualware MyConnection Server)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Visualware MyConnection Server.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43152: ZDI-CAN-21774: Zero Day Initiative Vulnerability (Visualware MyConnection Server)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Visualware MyConnection Server.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43153: ZDI-CAN-21852: Zero Day Initiative Vulnerability (Ivanti Endpoint Manager)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Ivanti Endpoint Manager.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43155: ZDI-CAN-21895: Zero Day Initiative Vulnerability (SolarWinds Orion)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting SolarWinds Orion.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43156: ZDI-CAN-21894: Zero Day Initiative Vulnerability (SolarWinds Orion)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting SolarWinds Orion.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43157: ZDI-CAN-21624: Zero Day Initiative Vulnerability (Inductive Automation Ignition)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Inductive Automation Ignition.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43158: ZDI-CAN-21625: Zero Day Initiative Vulnerability (Inductive Automation Ignition)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Inductive Automation Ignition.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43159: ZDI-CAN-21801: Zero Day Initiative Vulnerability (Inductive Automation Ignition)
- IPS Version: 3.2.0 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Inductive Automation Ignition.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43160: ZDI-CAN-21838: Zero Day Initiative Vulnerability (NETGEAR ProSAFE Network Management System)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting NETGEAR ProSAFE Network Management System.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
43162: ZDI-CAN-21740: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 22, 2023
Modified Filters (logic changes):
* = Enabled in Default deployments
* 12166: HTTP: PHP EXIF API Integer Overflow Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "12166: HTTP: PHP EXIF API Integer Overflow Denial of Service".
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 20, 2012
- Last Modified Date: August 22, 2023
12203: HTTP: Novell GroupWise Messenger nmma.exe createsearch Memory Corruption Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "12203: HTTP: Novell GroupWise Messenger nmma.exe createsearch Memory Corruption".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 27, 2012
- Last Modified Date: August 22, 2023
12613: HTTP: Microsoft Internet Explorer Use-After-Free Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: October 16, 2012
- Last Modified Date: August 22, 2023
13528: HTTP: Microsoft Internet Explorer Type Confusion Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: February 11, 2014
- Last Modified Date: August 22, 2023
13666: HTTP: Adobe Flash Player SharedObject Use-After-Free Vulnerability
- IPS Version: 3.1.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: March 04, 2014
- Last Modified Date: August 22, 2023
* 16626: HTTP: Apache HTTP Server mod_proxy_ajp Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: August 19, 2014
- Last Modified Date: August 22, 2023
16814: HTTP: Mozilla Firefox SVGLength Use-After-Free Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: October 07, 2014
- Last Modified Date: August 22, 2023
* 20042: HTTP: Adobe Flash ActionScript 3 ByteArray Use-After-Free Vulnerability
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: July 14, 2015
- Last Modified Date: August 22, 2023
* 25484: HTTP: HPE Intelligent Management Center FileDownloadServlet Information Disclosure (ZDI-17-192)
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: November 01, 2016
- Last Modified Date: August 22, 2023
* 28727: HTTPS: HPE Network Automation PermissionFilter Authentication Bypass Vulnerability (ZDI-17-332)
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: July 04, 2017
- Last Modified Date: August 22, 2023
37202: HTTP: Microsoft Exchange Server Cryptographic Key Memory Corruption Vulnerability (ZDI-20-258)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: February 25, 2020
- Last Modified Date: August 22, 2023
37789: HTTP: SaltStack Salt API SSH Client Command Injection Vulnerability(ZDI-20-1379,1380,1381,1382,1383)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: June 23, 2020
- Last Modified Date: August 22, 2023
* 39360: HTTP: F5 BIG-IP iControl REST filePath Command Injection Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: March 23, 2021
- Last Modified Date: August 22, 2023
42177: HTTP: Samsung Galaxy S22 McsWebViewActivity Security Bypass Vulnerability (Pwn2Own ZDI-23-772)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42177: PWN2OWN ZDI-CAN-19585: Zero Day Initiative Vulnerability (Samsung Galaxy S22)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 17, 2023
- Last Modified Date: August 22, 2023
42397: HTTP: NETGEAR ProSAFE Network Management System SQL Injection Vulnerability (ZDI-23-917)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: February 28, 2023
- Last Modified Date: August 22, 2023
42778: HTTP: SolarWinds Orion Platform SendHttpRequest Missing Authorization Vulnerability (ZDI-23-1006)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42778: ZDI-CAN-21090: Zero Day Initiative Vulnerability (SolarWinds Orion)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: June 06, 2023
- Last Modified Date: August 22, 2023
* 42977: TCP: Redis SCAN KEYS command Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: July 18, 2023
- Last Modified Date: August 22, 2023
Modified Filters (metadata changes only):
* = Enabled in Default deployments
* 5935: ALTIRIS: Symantec Altiris Deployment Solution SQL Injection Vulnerability (ZDI-08-024)
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: May 19, 2008
- Last Modified Date: August 22, 2023
* 16797: HTTP: GNU Bash URI Parameter Remote Code Execution Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: September 26, 2014
- Last Modified Date: August 22, 2023
42425: TCP: Inductive Automation Ignition OPC UA Cross-Site Scripting Vulnerability (Pwn2Own ZDI-23-1012)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42425: PWN2OWN ZDI-CAN-20355: Zero Day Initiative Vulnerability (Inductive Automation Ignition Client)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 07, 2023
- Last Modified Date: August 22, 2023
42566: HTTP: Adobe Acrobat Reader DC AnnotsString Restrictions Bypass Vulnerability (Pwn2Own ZDI-23-1109)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42566: HTTP: Adobe Acrobat Reader DC AnnotsString Prototype Restrictions Bypass Vulnerability".
- Description updated.
- Vulnerability references updated.
- Release Date: April 04, 2023
- Last Modified Date: August 22, 2023
42780: HTTP: SolarWinds Orion Platform BlacklistedFilesChecker Security Bypass Vulnerability (ZDI-23-1004)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42780: ZDI-CAN-21095: Zero Day Initiative Vulnerability (SolarWinds Orion)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 06, 2023
- Last Modified Date: August 22, 2023
42783: HTTP: SolarWinds Orion Platform UpdateActionsProperties Security Bypass Vulnerability (ZDI-23-1003)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42783: ZDI-CAN-21096: Zero Day Initiative Vulnerability (SolarWinds Orion)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 06, 2023
- Last Modified Date: August 22, 2023
Removed Filters: None
|
Welcome to the future of Business Support! I'm Trend Companion, your
AI assistant ready to streamline your experience.
Log in for your personalized support!
Chat with Trend Companion for quick answers, or submit a case for
detailed troubleshooting.