DV#9806
Table of Contents
--------------------------
  New Filters - 17
  Modified Filters (logic changes) - 4
  Modified Filters (metadata changes only) - 7
  Removed Filters - 0

  New Filters:

    42864: HTTP: Git Git Source Code Management apply reject Arbitrary File Write Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a file overwrite vulnerability in Git.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-25652
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 04, 2023

    42872: HTTP: Splunk Enterprise Splunk App for Lookup File Read Directory Traversal Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in Splunk App for Lookup File Editing.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-32714
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 04, 2023

    42873: HTTP: Splunk Enterprise Splunk App for Lookup File Write Directory Traversal Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in Splunk App for Lookup File Editing.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-32714
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 04, 2023

    42877: HTTP: GeoServer OGC Filter SQL Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a SQL Injection vulnerability in GeoServer.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-25157
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 04, 2023

    42884: HTTP: JetBrains TeamCity NuGet Feed Page Stored Cross-Site Scripting Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in JetBrains TeamCity.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-34225
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 04, 2023

    42885: HTTP: JetBrains TeamCity NuGet Feed Page Stored Cross-Site Scripting Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in JetBrains TeamCity.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-34225
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 04, 2023

    42888: HTTP: OpenEMR Admin edit_globals.php Application Title Cross-Site Scripting Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in OpenEMR.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-2947
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 04, 2023

    42889: HTTP: JetBrains TeamCity NuGet Feed Page Stored Cross-Site Scripting Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in JetBrains TeamCity.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-34225
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 04, 2023

    42895: ZDI-CAN-21201: Zero Day Initiative Vulnerability (Microsoft Teams)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter protects against exploitation of a zero-day vulnerability affecting Microsoft Teams.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: July 04, 2023

    42897: ZDI-CAN-21225: Zero Day Initiative Vulnerability (Softing EdgeConnector Siemens)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against exploitation of a zero-day vulnerability affecting Softing EdgeConnector Siemens.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: July 04, 2023

    42898: ZDI-CAN-21220: Zero Day Initiative Vulnerability (SolarWinds Network Configuration)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting SolarWinds Network Configuration.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: July 04, 2023

    42900: HTTP: GeoServer OGC GetCapabilities Request
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects the usage of the GetCapabilities URL parameter in GeoServer OGC HTTP requests. GeoServer OGC is a family of API standards based on OpenAPI.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-25157
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 04, 2023

    42901: HTTP: Progress Sitefinity Open Redirection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit an open redirect vulnerability in Progress Sitefinity.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-18178 CVSS 6.1
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 04, 2023

    42902: ZDI-CAN-21223: Zero Day Initiative Vulnerability (SolarWinds Network Configuration)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting SolarWinds Network Configuration.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: July 04, 2023

    42903: ZDI-CAN-21013: Zero Day Initiative Vulnerability (Papercut NG)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Papercut NG.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Performance-Optimized (Disabled)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: July 04, 2023

    42904: HTTP: Suspicious MinIO VerifyHandler Request
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects a suspicious request to the MinIO verify endpoint.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-28432
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: July 04, 2023

    42908: HTTP: Interact.sh Usage
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects vulnerability scanning that uses Interact.sh servers. Interact.sh is an open-source tool used to detect exploitable system vulnerabilities.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 04, 2023

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    * 24997: HTTP: Apache Struts URLValidator Denial-of-Service Vulnerability
      - IPS Version: 3.1.3 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Release Date: July 19, 2016
      - Last Modified Date: July 04, 2023

    * 39214: HTTP: Microsoft Internet Explorer Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Release Date: March 09, 2021
      - Last Modified Date: July 04, 2023

    41830: HTTP: Parse Server transformUpdate Prototype Pollution Vulnerability (ZDI-22-1590)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: October 11, 2022
      - Last Modified Date: July 04, 2023

    41908: HTTP: Trend Micro Apex One Hard-coded User-Agent Usage
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "41908: HTTP: Trend Micro Apex One Improper Access Control Information Disclosure Vulnerability (ZDI-23-655)".
      - Category changed from "Vulnerabilities" to "Security Policy".
      - Severity changed from "High" to "Low".
      - Description updated.
      - Detection logic updated.
      - Deployments updated and are now:
        - No Deployments.
      - Release Date: May 30, 2023
      - Last Modified Date: July 04, 2023

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    41801: HTTP: Microsoft Exchange Command Exposed Function Code Execution Vulnerability (ZDI-22-1625,23-881)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "41801: HTTP: Microsoft Exchange Command Exposed Function Code Execution Vulnerability (ZDI-22-1625)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: October 04, 2022
      - Last Modified Date: July 04, 2023

    41862: HTTP: Trend Micro Apex One isapiClientX64.dll Access
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "41862: HTTP: Trend Micro Apex One Improper Access Control Information Disclosure Vulnerability (ZDI-23-653)".
      - Category changed from "Vulnerabilities" to "Security Policy".
      - Severity changed from "High" to "Low".
      - Description updated.
      - Deployments updated and are now:
        - No Deployments.
      - Release Date: May 30, 2023
      - Last Modified Date: July 04, 2023

    42226: HTTP: D-Link D-View uploadMib Directory Traversal Arbitrary Vulnerability (ZDI-23-717,ZDI-23-718)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42226: ZDI-CAN-19527,19529: Zero Day Initiative Vulnerability (D-Link D-View)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: January 31, 2023
      - Last Modified Date: July 04, 2023

    * 42542: HTTP: Microsoft SharePoint GenerateProxyAssembly Code Injection Vulnerability (Pwn2Own ZDI-23-883)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42542: HTTP: Microsoft SharePoint GenerateProxyAssembly Code Injection Vulnerability".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: April 04, 2023
      - Last Modified Date: July 04, 2023

    42544: HTTP: Microsoft SharePoint Authentication Bypass Vulnerability (Pwn2Own ZDI-23-882)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42544: HTTP: Microsoft SharePoint ValidateTokenIssuer Authentication Bypass Vulnerability".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: April 04, 2023
      - Last Modified Date: July 04, 2023

    42545: HTTP: Schneider Electric IGSS DashBoard.exe Unvalidated String Usage (ZDI-23-334,ZDI-23-889)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42545: HTTP: Schneider Electric IGSS DashBoard.exe Unvalidated String Usage (ZDI-23-334)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: April 04, 2023
      - Last Modified Date: July 04, 2023

    * 42866: HTTP: MOVEit Transfer SILCertToUser SQL Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Description updated.
      - Vulnerability references updated.
      - Release Date: June 20, 2023
      - Last Modified Date: July 04, 2023

  Removed Filters: None