New Filters:

42853: HTTP: Microsoft Teams Suspicious Isolated Webview Prototype Detected (ZDI-23-1767)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Security Policy
  - Severity: Moderate
  - Description: This filter detects the presence of a suspicious isolated webview prototype in Microsoft Teams.
  - Deployment: Not enabled by default in any deployment.
  - References:
    - Zero Day Initiative: ZDI-23-1767
  - Classification: Security Policy - Other
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: December 26, 2023

43550: HTTP: OpenEMR share_template.php list_id Reflected Cross-Site Scripting Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in OpenEMR.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2023-2948 CVSS 6.1
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: December 26, 2023

43578: HTTP: SolarWinds Orion Platform VimCharInfo SQL Injection Vulnerability (ZDI-23-1762)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a SQL injection vulnerability in SolarWinds Orion.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2023-40056 CVSS 8.8
    - Zero Day Initiative: ZDI-23-1762
  - Classification: Vulnerability - Other
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: December 26, 2023

43579: HTTP: Lanling OA Suspicious sysUiComponent File Upload Detected
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Security Policy
  - Severity: Low
  - Description: This filter detects a suspicious file upload in Lanling OA.
  - Deployment: Not enabled by default in any deployment.
  - Classification: Security Policy - Other
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: December 26, 2023

43581: ZDI-CAN-22455: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise OneView)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: High
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Hewlett Packard Enterprise OneView.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: December 26, 2023

43582: ZDI-CAN-22454: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise OneView)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: High
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Hewlett Packard Enterprise OneView.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: December 26, 2023

43589: HTTP: Landray OA Remote Code Execution Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a remote code execution vulnerability in Landray OA.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: December 26, 2023

43590: ZDI-CAN-22294: Zero Day Initiative Vulnerability (Centreon)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting Centreon.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: December 26, 2023

43591: ZDI-CAN-22295,22296: Zero Day Initiative Vulnerability (Centreon)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting Centreon.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: December 26, 2023

43592: ZDI-CAN-22297,22298: Zero Day Initiative Vulnerability (Centreon)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting Centreon.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: December 26, 2023

43593: ZDI-CAN-22339: Zero Day Initiative Vulnerability (Centreon)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting Centreon.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: December 26, 2023

43594: ZDI-CAN-22379: Zero Day Initiative Vulnerability (Xiaomi Pro 13)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Exploits
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Xiaomi Pro 13.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: December 26, 2023

43595: ZDI-CAN-22409: Zero Day Initiative Vulnerability (Samsung Galaxy S23)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Exploits
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung Galaxy S23.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: December 26, 2023

43596: ZDI-CAN-22368: Zero Day Initiative Vulnerability (Samsung Galaxy S23)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Exploits
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung Galaxy S23.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: December 26, 2023

Modified Filters (logic changes):

* = Enabled in Default deployments

* 41106: HTTP: VMware Spring Cloud Gateway SpEL Code Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Detection logic updated.
  - Release Date: April 05, 2022
  - Last Modified Date: December 26, 2023

43081: HTTP: Delta Electronics InfraSuite Device Master Deserialization Vulnerability (ZDI-23-1753,1754)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "43081: ZDI-CAN-21770,21771: Zero Day Initiative Vulnerability (Delta Electronics Infrasuite Device Master)".
  - Description updated.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: August 01, 2023
  - Last Modified Date: December 26, 2023

43508: HTTP: Suspicious Internet Shortcut File Download
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Detection logic updated.
  - Release Date: December 05, 2023
  - Last Modified Date: December 26, 2023

Modified Filters (metadata changes only):

* = Enabled in Default deployments

42031: HTTP: Microsoft Skype Cross-Site Scripting Vulnerability (ZDI-23-1769)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "42031: ZDI-CAN-19099: Zero Day Initiative Vulnerability (Microsoft Skype)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: December 20, 2022
  - Last Modified Date: December 26, 2023

* 43469: HTTP: Adobe Acrobat Reader DC Annotation Use-After-Free Vulnerability (ZDI-23-1748)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "43469: ZDI-CAN-22292: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: November 14, 2023
  - Last Modified Date: December 26, 2023

Removed Filters: None