Table of Contents
--------------------------
  New Filters - 12
  Modified Filters (logic changes) - 11
  Modified Filters (metadata changes only) - 14
  Removed Filters - 0
  New Filters: 

    43390: TCP: Rockwell Automation ThinManager ThinServer Directory Traversal Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in Rockwell Automation ThinManager.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-2915 CVSS 8.2
      - Classification: Vulnerability - Other
      - Protocol: TCP (Generic)
      - Platform: Multi-Platform Server Application or Service
      - Release Date: October 31, 2023

    43391: HTTP: JetBrains TeamCity XML-RPC Authentication Bypass Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an authentication bypass vulnerability in JetBrains TeamCity.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-42793 CVSS 9.3
      - Classification: Vulnerability - Access Validation
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: October 31, 2023

    43394: HTTP: GitLab Community and Enterprise Edition AutolinkFilter Regex Denial-of-Service Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in GitLab Community and Enterprise Edition.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-3364 CVSS 7.8
      - Classification: Vulnerability - Denial of Service (Crash/Reboot)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: October 31, 2023

    43396: ZDI-CAN-21848: Zero Day Initiative Vulnerability (Oracle Product Lifecycle Management)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Oracle Product Lifecycle Management.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: October 31, 2023

    43398: PWN2OWN ZDI-CAN-22407: Zero Day Initiative Vulnerability (QNAP TS-464)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting QNAP TS-464.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: October 31, 2023

    43399: PWN2OWN ZDI-CAN-22410: Zero Day Initiative Vulnerability (QNAP TS-464)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting QNAP TS-464.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: October 31, 2023

    43401: PWN2OWN ZDI-CAN-22463: Zero Day Initiative Vulnerability (QNAP TS-464)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting QNAP TS-464.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: October 31, 2023

    43403: PWN2OWN ZDI-CAN-22493: Zero Day Initiative Vulnerability (QNAP TS-464)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting QNAP TS-464.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: October 31, 2023

    43404: PWN2OWN ZDI-CAN-22494: Zero Day Initiative Vulnerability (QNAP TS-464)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting QNAP TS-464.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: October 31, 2023

    43406: HTTP: Netscaler ADC and Gateway Memory Corruption Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Netscaler Application Delivery Controller and Gateway.
      - Deployments:
        - Deployment: Default (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-4966
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: October 31, 2023

    43408: PWN2OWN ZDI-CAN-22497: Zero Day Initiative Vulnerability (QNAP TS-464)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting QNAP TS-464.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: October 31, 2023

    43409: HTTP: Rudderlabs Rudder-Server Blind SQL Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects a blind SQL injection attack against Rudderlabs Rudder-Server.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-30625
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: October 31, 2023

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    13990: TCP: HP Data Protector Multiple Opcodes Parsing Code Execution Vulnerability (ZDI-14-002)
      - IPS Version: 3.6.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Deployments updated and are now:
        - No Deployments.
      - Release Date: July 01, 2014
      - Last Modified Date: October 31, 2023

    13999: TCP: HP Data Protector Opcode Parsing Directory Traversal Vulnerability (ZDI-14-003)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Deployments updated and are now:
        - No Deployments.
      - Release Date: May 27, 2014
      - Last Modified Date: October 31, 2023

    16627: TCP: HP Data Protector Backup Multiple Opcodes Communication
      - IPS Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Release Date: August 19, 2014
      - Last Modified Date: October 31, 2023

    17160: TCP: HP LeftHand Virtual SAN Appliance Hydra Login Buffer Overflow Vulnerability (ZDI-13-179)
      - IPS Version: 3.1.3 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Release Date: May 19, 2015
      - Last Modified Date: October 31, 2023

    25441: TLS: OpenSSL tls_get_message_body Use-After-Free Vulnerability
      - IPS Version: 3.1.3 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Release Date: November 01, 2016
      - Last Modified Date: October 31, 2023

    41879: HTTP: D-Link DAP-1325 HNAP SetWLanRadioSettings Channel Command Injection Vulnerability (ZDI-23-1501)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "41879: ZDI-CAN-18822: Zero Day Initiative Vulnerability (D-Link DAP-1325)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: October 25, 2022
      - Last Modified Date: October 31, 2023

    41881: HTTP: D-Link DAP-1325 get_value_from_app Stack-based Buffer Overflow Vulnerability (ZDI-23-1502)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "41881: ZDI-CAN-18823: Zero Day Initiative Vulnerability (D-Link DAP-1325)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: October 25, 2022
      - Last Modified Date: October 31, 2023

    42630: HTTP: D-Link DIR-X3260 Prog.cgi Heap-based Buffer Overflow Vulnerability (ZDI-23-1516)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42630: ZDI-CAN-20727: Zero Day Initiative Vulnerability (D-Link DIR-X3260)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 25, 2023
      - Last Modified Date: October 31, 2023

    42755: HTTP: Cacti graph_view SQL Injection Authentication Bypass Vulnerability (ZDI-23-1500)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42755: ZDI-CAN-20767: Zero Day Initiative Vulnerability (Cacti)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 30, 2023
      - Last Modified Date: October 31, 2023

    42991: HTTP: SolarWinds Access Rights Manager Remote Code Execution Vulnerability (ZDI-23-1566)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42991: ZDI-CAN-21376: Zero Day Initiative Vulnerability (SolarWinds Access Rights Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: July 25, 2023
      - Last Modified Date: October 31, 2023

    42996: HTTP: SolarWinds Access Rights Manager ExecuteAction Deserialization Vulnerability (ZDI-23-1563)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42996: ZDI-CAN-21385: Zero Day Initiative Vulnerability (SolarWinds Access Rights Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: July 25, 2023
      - Last Modified Date: October 31, 2023

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    21833: TCP: Oracle Java Serialized Object
      - IPS Version: 3.1.3 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.
      - Release Date: November 17, 2015
      - Last Modified Date: October 31, 2023

    41716: TCP: VMware vRealize Log Insight Directory Traversal Vulnerability (ZDI-23-115)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Description updated.
      - Vulnerability references updated.
      - Release Date: September 13, 2022
      - Last Modified Date: October 31, 2023

    41807: HTTP: A10 Thunder ADC ShowTechDownloadView Directory Traversal Vulnerability (ZDI-23-1495)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "41807: ZDI-CAN-17899: Zero Day Initiative Vulnerability (A10 Thunder ADC)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: October 04, 2022
      - Last Modified Date: October 31, 2023

    42627: HTTP: D-Link DIR-X3260 Prog.cgi Stack-based Buffer Overflow Vulnerability (ZDI-23-1517)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42627: ZDI-CAN-20774: Zero Day Initiative Vulnerability (D-Link DIR-X3260)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: April 25, 2023
      - Last Modified Date: October 31, 2023

    42788: HTTP: Siemens Tecnomatix Plant Simulation SPP Out-Of-Bounds Write Vulnerability (ZDI-23-1572)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42788: ZDI-CAN-21106: Zero Day Initiative Vulnerability (Siemens Tecnomaticix Plant Simulation)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: June 06, 2023
      - Last Modified Date: October 31, 2023

    42789: HTTP: Siemens Tecnomatix Plant Simulation SPP Out-Of-Bounds Write Vulnerability (ZDI-23-1570)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42789: ZDI-CAN-21132: Zero Day Initiative Vulnerability (Siemens Tecnomaticix Plant Simulation)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: June 06, 2023
      - Last Modified Date: October 31, 2023

    42959: HTTP: Siemens Tecnomatix Plant Simulation Heap-based Buffer Overflow Vulnerability (ZDI-23-1557)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42959: ZDI-CAN-21109: Zero Day Initiative Vulnerability (Siemens Tecnomaticix Plant Simulation)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: July 18, 2023
      - Last Modified Date: October 31, 2023

    42960: HTTP: Siemens Tecnomatix Plant Simulation Heap-based Buffer Overflow Vulnerability (ZDI-23-1556)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42960: ZDI-CAN-21138: Zero Day Initiative Vulnerability (Siemens Tecnomaticix Plant Simulation)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: July 18, 2023
      - Last Modified Date: October 31, 2023

    42961: HTTP: Siemens Tecnomatix Plant Simulation PAR File Out-Of-Bounds Write Vulnerability (ZDI-23-1558)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42961: ZDI-CAN-21155: Zero Day Initiative Vulnerability (Siemens Tecnomaticix Plant Simulation)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: July 18, 2023
      - Last Modified Date: October 31, 2023

    42988: HTTP: SolarWinds Access Rights Manager File Directory Traversal Vulnerability (ZDI-23-1567)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42988: ZDI-CAN-21119: Zero Day Initiative Vulnerability (SolarWinds Access Rights Manager)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: July 25, 2023
      - Last Modified Date: October 31, 2023

    42989: HTTP: SolarWinds Access Rights Manager OpenFile Directory Traversal Vulnerability (ZDI-23-1565)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42989: ZDI-CAN-21120: Zero Day Initiative Vulnerability (SolarWinds Access Rights Manager)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: July 25, 2023
      - Last Modified Date: October 31, 2023

    42995: HTTP: SolarWinds Access Rights Manager IFormTemplate Deserialization Vulnerability (ZDI-23-1560)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42995: ZDI-CAN-21375: Zero Day Initiative Vulnerability (SolarWinds Access Rights Manager)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: July 25, 2023
      - Last Modified Date: October 31, 2023

    * 43067: HTTP: F5 BIG-IP OS unzip Directory Traversal Vulnerability (ZDI-23-1559)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "43067: ZDI-CAN-21463: Zero Day Initiative Vulnerability (F5 BIG-IP)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: August 01, 2023
      - Last Modified Date: October 31, 2023

    43153: HTTP: Ivanti Endpoint Manager ProcessEPMAuthToken Deserialization Vulnerability (ZDI-23-1532)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "43153: ZDI-CAN-21852: Zero Day Initiative Vulnerability (Ivanti Endpoint Manager)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: August 22, 2023
      - Last Modified Date: October 31, 2023

  Removed Filters: None
  
Copyright© 2023 Trend Micro Incorporated. All rights reserved. Trend Micro, the Trend Micro logo, TippingPoint™, the TippingPoint logo, and Digital Vaccine are trademarks or registered trademarks of Trend Micro Incorporated. The information is provided “as is” without warranty of any kind and is subject to change without notice. The only warranties for Trend Micro products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Trend Micro shall not be liable for technical or editorial errors or omissions contained herein.
