New Filters:
42853: HTTP: Microsoft Teams Suspicious Isolated Webview Prototype Detected (ZDI-23-1767)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects the presence of a suspicious isolated webview prototype in Microsoft Teams.
- Deployment: Not enabled by default in any deployment.
- References:
- Zero Day Initiative: ZDI-23-1767
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: December 26, 2023
43550: HTTP: OpenEMR share_template.php list_id Reflected Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in OpenEMR.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-2948 CVSS 6.1
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: December 26, 2023
43578: HTTP: SolarWinds Orion Platform VimCharInfo SQL Injection Vulnerability (ZDI-23-1762)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in SolarWinds Orion.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-40056 CVSS 8.8
- Zero Day Initiative: ZDI-23-1762
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: December 26, 2023
43579: HTTP: Lanling OA Suspicious sysUiComponent File Upload Detected
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects a suspicious file upload in Lanling OA.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: December 26, 2023
43581: ZDI-CAN-22455: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise OneView)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: High
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Hewlett Packard Enterprise OneView.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 26, 2023
43582: ZDI-CAN-22454: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise OneView)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: High
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Hewlett Packard Enterprise OneView.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 26, 2023
43589: HTTP: Landray OA Remote Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a remote code execution vulnerability in Landray OA.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: December 26, 2023
43590: ZDI-CAN-22294: Zero Day Initiative Vulnerability (Centreon)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Centreon.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 26, 2023
43591: ZDI-CAN-22295,22296: Zero Day Initiative Vulnerability (Centreon)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Centreon.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 26, 2023
43592: ZDI-CAN-22297,22298: Zero Day Initiative Vulnerability (Centreon)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Centreon.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 26, 2023
43593: ZDI-CAN-22339: Zero Day Initiative Vulnerability (Centreon)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Centreon.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 26, 2023
43594: ZDI-CAN-22379: Zero Day Initiative Vulnerability (Xiaomi Pro 13)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Xiaomi Pro 13.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 26, 2023
43595: ZDI-CAN-22409: Zero Day Initiative Vulnerability (Samsung Galaxy S23)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung Galaxy S23.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 26, 2023
43596: ZDI-CAN-22368: Zero Day Initiative Vulnerability (Samsung Galaxy S23)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung Galaxy S23.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 26, 2023
Modified Filters (logic changes):
* = Enabled in Default deployments
* 41106: HTTP: VMware Spring Cloud Gateway SpEL Code Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: April 05, 2022
- Last Modified Date: December 26, 2023
43081: HTTP: Delta Electronics InfraSuite Device Master Deserialization Vulnerability (ZDI-23-1753,1754)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43081: ZDI-CAN-21770,21771: Zero Day Initiative Vulnerability (Delta Electronics Infrasuite Device Master)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 01, 2023
- Last Modified Date: December 26, 2023
43508: HTTP: Suspicious Internet Shortcut File Download
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: December 05, 2023
- Last Modified Date: December 26, 2023
Modified Filters (metadata changes only):
* = Enabled in Default deployments
42031: HTTP: Microsoft Skype Cross-Site Scripting Vulnerability (ZDI-23-1769)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42031: ZDI-CAN-19099: Zero Day Initiative Vulnerability (Microsoft Skype)".
- Description updated.
- Vulnerability references updated.
- Release Date: December 20, 2022
- Last Modified Date: December 26, 2023
* 43469: HTTP: Adobe Acrobat Reader DC Annotation Use-After-Free Vulnerability (ZDI-23-1748)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43469: ZDI-CAN-22292: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)".
- Description updated.
- Vulnerability references updated.
- Release Date: November 14, 2023
- Last Modified Date: December 26, 2023
Removed Filters: None