New Filters:
43633: HTTP: Possible Command Injection in URI Detected
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects the presence of certain suspicious commands in the URI of a request.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: February 27, 2024
43819: HTTP: XWiki.org XWiki SearchAdmin Code Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a code injection vulnerability in XWiki.org XWiki.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Performance-Optimized (Disabled)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-50721 CVSS 7.9
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: February 27, 2024
43828: ZDI-CAN-23245: Zero Day Initiative Vulnerability (Silicon Labs Gecko OS)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Silicon Labs Gecko OS.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: February 27, 2024
43843: ZDI-CAN-22968: Zero Day Initiative Vulnerability (Trend Micro Apex One)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Trend Micro Apex One.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: February 27, 2024
43888: HTTP: GNU GIMP PSP Image Color Palette Block Parsing Buffer Overflow Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a buffer overflow vulnerability in GNU Image Manipulation Program (GIMP).
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-44443
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: February 27, 2024
43899: HTTP: ClamAV VirusEvent Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in ClamAV.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-20328 CVSS 7.2
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: February 27, 2024
43900: SMTP: Microsoft Outlook MonikerLink Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a code execution vulnerability in Microsoft Exchange.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-21413
- Classification: Vulnerability - Other
- Protocol: SMTP
- Platform: Windows Client Application
- Release Date: February 27, 2024
43906: HTTP: Suspicious jQuery UI .checkboxradio Widget Call
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects suspicious traffic in jQuery UI related to the .checkboxradio widget.
- Deployment: Not enabled by default in any deployment.
- References:
  - Common Vulnerabilities and Exposures: CVE-2022-31160 CVSS 6.1
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: February 27, 2024
43909: DNS: DNSSEC KeyTrap Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in DNSSEC.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-50387 CVSS 7.5
- Classification: Vulnerability - Denial of Service (Crash/Reboot)
- Protocol: DNS
- Platform: Multi-Platform Server Application or Service
- Release Date: February 27, 2024
Modified Filters (logic changes):
* = Enabled in Default deployments
17023: HTTP: Rejetto HttpFileServer Remote Command Execution Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Deployments updated and are now:
  - Deployment: Security-Optimized (Block / Notify)
- Release Date: November 18, 2014
- Last Modified Date: February 27, 2024
* 41205: HTTP: VMware Workspace ONE Access deviceUdid Server-Side Template Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: April 26, 2022
- Last Modified Date: February 27, 2024
* 41635: HTTP: Suspicious WebDAV PROPFIND Response
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 11, 2022
- Last Modified Date: February 27, 2024
42224: ZDI-CAN-20180,20181,23401: Zero Day Initiative Vulnerability (Trend Micro Multiple Products)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Name changed from "42224: ZDI-CAN-20180,20181: Zero Day Initiative Vulnerability (Trend Micro Mobile Security for Enterprises)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 31, 2023
- Last Modified Date: February 27, 2024
43155: HTTP: SolarWinds Orion Platform AppendCreatePrimary SQL Injection Vulnerability (ZDI-24-170)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43155: ZDI-CAN-21895: Zero Day Initiative Vulnerability (SolarWinds Orion)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: February 27, 2024
43156: HTTP: SolarWinds Orion Platform AppendUpdate SQL Injection Vulnerability (ZDI-24-171)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43156: ZDI-CAN-21894: Zero Day Initiative Vulnerability (SolarWinds Orion)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 22, 2023
- Last Modified Date: February 27, 2024
43396: HTTP: Oracle Product Lifecycle Management ExportServlet Deserialization Vulnerability (ZDI-24-096)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43396: ZDI-CAN-21848: Zero Day Initiative Vulnerability (Oracle Product Lifecycle Management)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 31, 2023
- Last Modified Date: February 27, 2024
43590: HTTP: Centreon updateDirectory SQL Injection Vulnerability (ZDI-24-118)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43590: ZDI-CAN-22294: Zero Day Initiative Vulnerability (Centreon)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: December 26, 2023
- Last Modified Date: February 27, 2024
43591: HTTP: Centreon updateGroups SQL Injection Vulnerability (ZDI-24-116,ZDI-24-117)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43591: ZDI-CAN-22295,22296: Zero Day Initiative Vulnerability (Centreon)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: December 26, 2023
- Last Modified Date: February 27, 2024
43592: HTTP: Centreon updateContactServiceCommands SQL Injection Vulnerability (ZDI-24-115,ZDI-24-114)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43592: ZDI-CAN-22297,22298: Zero Day Initiative Vulnerability (Centreon)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: December 26, 2023
- Last Modified Date: February 27, 2024
43593: HTTP: Centreon insertGraphTemplate SQL Injection Vulnerability (ZDI-24-113)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43593: ZDI-CAN-22339: Zero Day Initiative Vulnerability (Centreon)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: December 26, 2023
- Last Modified Date: February 27, 2024
43617: HTTP: Allegra uploadFile Directory Traversal Vulnerability (ZDI-24-103)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43617: ZDI-CAN-22510: Zero Day Initiative Vulnerability (Allegra)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: February 27, 2024
Modified Filters (metadata changes only):
* = Enabled in Default deployments
43222: HTTP: Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-178)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43222: ZDI-CAN-21715: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)".
- Description updated.
- Vulnerability references updated.
- Release Date: September 12, 2023
- Last Modified Date: February 27, 2024
43339: HTTP: Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-176)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43339: ZDI-CAN-21710: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)".
- Description updated.
- Vulnerability references updated.
- Release Date: October 17, 2023
- Last Modified Date: February 27, 2024
43341: HTTP: Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Read Vulnerability (ZDI-24-179)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43341: ZDI-CAN-22055: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)".
- Description updated.
- Vulnerability references updated.
- Release Date: October 17, 2023
- Last Modified Date: February 27, 2024
43342: HTTP: Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-180)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43342: ZDI-CAN-22059: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)".
- Description updated.
- Vulnerability references updated.
- Release Date: October 17, 2023
- Last Modified Date: February 27, 2024
43343: HTTP: Siemens Simcenter Femap MODEL File Parsing Uninitialized Pointer Vulnerability (ZDI-24-181)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43343: ZDI-CAN-22060: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)".
- Description updated.
- Vulnerability references updated.
- Release Date: October 17, 2023
- Last Modified Date: February 27, 2024
43519: HTTP: Western Digital MyCloud PR4100 RESTSDK Denial-of-Service Vulnerability (Pwn2Own ZDI-24-088)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43519: ZDI-CAN-22440: Zero Day Initiative Vulnerability (Western Digital MyCloud PR4100)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: December 05, 2023
- Last Modified Date: February 27, 2024
43548: HTTP: TP-Link Omada ER605 Access Control Command Injection Vulnerability (ZDI-24-086)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43548: ZDI-CAN-22227: Zero Day Initiative Vulnerability (TP-Link Omada ER605)".
- Description updated.
- Vulnerability references updated.
- Release Date: December 12, 2023
- Last Modified Date: February 27, 2024
43566: HTTP: Allegra downloadExportedChart Directory Traversal Vulnerability (ZDI-24-110)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43566: ZDI-CAN-22361: Zero Day Initiative Vulnerability (Allegra)".
- Description updated.
- Vulnerability references updated.
- Release Date: December 19, 2023
- Last Modified Date: February 27, 2024
43613: HTTP: Allegra extarctZippedFile Directory Traversal Vulnerability (ZDI-24-107)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43613: ZDI-CAN-22504: Zero Day Initiative Vulnerability (Allegra)".
- Description updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: February 27, 2024
43616: HTTP: Allegra downloadAttachmentGlobal Directory Traversal Vulnerability (ZDI-24-112)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43616: ZDI-CAN-22507: Zero Day Initiative Vulnerability (Allegra)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: February 27, 2024
43618: HTTP: Allegra unzipFile Directory Traversal Vulnerability (ZDI-24-101)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43618: ZDI-CAN-22513: Zero Day Initiative Vulnerability (Allegra)".
- Description updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: February 27, 2024
43620: HTTP: Allegra saveInlineEdit Directory Traversal Vulnerability (ZDI-24-108)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43620: ZDI-CAN-22528: Zero Day Initiative Vulnerability (Allegra)".
- Description updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: February 27, 2024
43621: HTTP: Allegra getFileContentAsString Directory Traversal Vulnerability (ZDI-24-099)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43621: ZDI-CAN-22530: Zero Day Initiative Vulnerability (Allegra)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: February 27, 2024
43622: HTTP: Allegra serveMathJaxLibraries Directory Traversal Vulnerability (ZDI-24-100)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43622: ZDI-CAN-22532: Zero Day Initiative Vulnerability (Allegra)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: January 16, 2024
- Last Modified Date: February 27, 2024
Removed Filters: None