New Filters:
38031: HTTP: Nitro Pro PDF Nested Pages Use-After-Free Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a use-after-free vulnerability in Nitro Pro PDF.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2020-6074
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Windows Client Application
- Release Date: September 26, 2023
43253: UDP: Cloudflare Tunnel Connection Attempt
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects an attempt to establish a tunnel connection to the Cloudflare network.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: UDP (Generic)
- Platform: Multi-Platform Client Application
- Release Date: September 26, 2023
43254: HTTPS: Cloudflare Tunnel Connection Attempt
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects an attempt to establish a tunnel connection to the Cloudflare network.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: SSL/TLS
- Platform: Multi-Platform Client Application
- Release Date: September 26, 2023
43259: HTTP: SonicWall GMS and Analytics unzipFiles Directory Traversal Vulnerability (ZDI-23-1154)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in SonicWall GMS and Analytics.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-34129 CVSS 8.6
  - Zero Day Initiative: ZDI-23-1154
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: September 26, 2023
43265: HTTP: Adobe ColdFusion IPFilterUtils Improper Access Control Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an improper access control vulnerability in Adobe ColdFusion.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-38205 CVSS 6.7
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 26, 2023
43267: HTTP: Nitro Pro PDF Pattern Object Integer Overflow Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an integer overflow vulnerability in Nitro Pro PDF.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2020-6092
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: HTTP
- Platform: Windows Client Application
- Release Date: September 26, 2023
43268: HTTP: Ivanti Sentry uploadFileUsingFileInputMS Command Execution
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects an attempt to execute commands in Ivanti Sentry.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-38035
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 26, 2023
43271: LDAP: VMware vCenter Server Directory Service Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: High
- Description: This filter detects a suspicious AddRequest, SearchRequest, or ModifyRequest in VMware vCenter Server Directory Service.
- Deployment: Not enabled by default in any deployment.
- References:
  - Common Vulnerabilities and Exposures: CVE-2020-3952
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: LDAP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 26, 2023
43274: HTTP: Ignite Realtime Openfire Path Traversal Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit an authentication bypass in Ignite Realtime Openfire.
- Deployments:
  - Deployment: Default (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-32315
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 26, 2023
43278: ZDI-CAN-21926,22067: Zero Day Initiative Vulnerability (Inductive Automation Ignition)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Inductive Automation Ignition.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 26, 2023
Modified Filters (logic changes):
* = Enabled in Default deployments
19729: HTTP: PHP libzip Integer Overflow Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 28, 2015
- Last Modified Date: September 26, 2023
35498: TCP: YSoSerial.Net Deserialization Tool Usage
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: June 18, 2019
- Last Modified Date: September 26, 2023
42472: HTTP: Adobe ColdFusion copydirectory Directory Traversal Vulnerability (ZDI-23-1102)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 14, 2023
- Last Modified Date: September 26, 2023
42986: HTTP: SonicWall GMS and Analytics unzipFiles Directory Traversal Vulnerability (ZDI-23-1154)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42986: ZDI-CAN-20914: Zero Day Initiative Vulnerability (SonicWALL GMS Virtual Appliance)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 25, 2023
- Last Modified Date: September 26, 2023
Modified Filters (metadata changes only):
* = Enabled in Default deployments
43196: HTTP: Juniper Networks Junos OS webauth_operation.php Unauthenticated File Upload
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: September 05, 2023
- Last Modified Date: September 26, 2023
43200: HTTP: Juniper Networks Junos OS webauth_operation.php PHPRC Variable Modification Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: September 05, 2023
- Last Modified Date: September 26, 2023
Removed Filters: None