Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Digital Vaccine #9412

    • Updated:
    • Product/Version:
    • TippingPoint Digital Vaccine
    • Platform:
Summary
Digital Vaccine #9412      April 28, 2020
Details
Public
Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs.

New content is now available at the Threat Management Center (TMC): https://tmc.tippingpoint.com.

SMS customers can update the Digital Vaccine through the SMS client. From the top-line menu, you can open the "File > Download Digital Vaccine from TMC" menu item to detect and load the latest update.

Note: Customers with TP10 devices should perform a soft reboot of their IPS before installing the new DV to avoid a memory issue during the install.
 
System Requirements
The 3.2.0 DV will run on IPS devices with TOS v3.2.0 and above,  all NGFW and all TPS systems. The 4.0.0 DV will only run on the Virtual Threat Protection System (vTPS) appliance. Please note that vTPS does not currently support pre-disclosed ZDI filters.
 
The Digital Vaccine can be manually downloaded from the following URLs:
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=digital_vaccines&contentId=SIG_3.2.0_9412.pkg
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=vsa_dv&contentId=SIG_VTPS_4.0.0_9412.pkg

Update Details

Table of Contents
--------------------------

Filters
 New Filters - 31
 Modified Filters (logic changes) - 31
 Modified Filters (metadata changes only) - 23
 Removed Filters - 0

Filters
----------------
 New Filters:
    37637: RPC: Advantech WebAccess SCADA BwPAlarm IOCTL 70022 Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Advantech WebAccess.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - Classification: Vulnerability - Buffer/Heap Overflow
      - Protocol: RPC Services
      - Platform: Multi-Platform Server Application or Service

    37644: ZDI-CAN-8564: Zero Day Initiative Vulnerability (Delta Industrial Automation TPEditor)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Delta Industrial Automation TPEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37645: ZDI-CAN-10111: Zero Day Initiative Vulnerability (Apple Safari)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Apple Safari.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37646: ZDI-CAN-10146: Zero Day Initiative Vulnerability (Fatek Automation WinProladder)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fatek Automation WinProladder.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37647: ZDI-CAN-10502: Zero Day Initiative Vulnerability (Marvell QConvergeConsole)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Marvell QConvergeConsole.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37648: ZDI-CAN-10570: Zero Day Initiative Vulnerability (Fatek Automation WinProladder)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fatek Automation WinProladder.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37649: ZDI-CAN-10586: Zero Day Initiative Vulnerability (Phoenix Contact Automationworx)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Phoenix Contact Automationworx.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37650: ZDI-CAN-10601: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise UCS Meter)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Hewlett Packard Enterprise UCS Meter.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37651: ZDI-CAN-10602: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise UCS Meter)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Hewlett Packard Enterprise UCS Meter.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37652: ZDI-CAN-10603: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise UCS Meter)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Hewlett Packard Enterprise UCS Meter.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37654: ZDI-CAN-10667: Zero Day Initiative Vulnerability (Delta Industrial Automation TPEditor)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Delta Industrial Automation TPEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37655: ZDI-CAN-10726: Zero Day Initiative Vulnerability (Delta Industrial Automation TPEditor)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Delta Industrial Automation TPEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37656: ZDI-CAN-10741: Zero Day Initiative Vulnerability (Oracle WebLogic Server)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Oracle WebLogic Server.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37657: ZDI-CAN-10836: Zero Day Initiative Vulnerability (Microsoft Word)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Word.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37659: ZDI-CAN-10881: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft ScreenEditor)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Delta Industrial Automation CNCSoft ScreenEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37660: ZDI-CAN-10882: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft ScreenEditor)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Delta Industrial Automation CNCSoft ScreenEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37661: ZDI-CAN-10886: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft ScreenEditor)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Delta Industrial Automation CNCSoft ScreenEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37662: ZDI-CAN-10889: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft ScreenEditor)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Delta Industrial Automation CNCSoft ScreenEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37663: ZDI-CAN-10890: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft ScreenEditor)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Delta Industrial Automation CNCSoft ScreenEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37664: ZDI-CAN-10896: Zero Day Initiative Vulnerability (Microsoft Windows)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Word.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37665: ZDI-CAN-10935: Zero Day Initiative Vulnerability (Microsoft Windows)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Word.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37666: ZDI-CAN-10936: Zero Day Initiative Vulnerability (Microsoft Windows)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Word.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37667: ZDI-CAN-10962: Zero Day Initiative Vulnerability (Microsoft Windows)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Word.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37668: HTTP: Foxit Reader XFA host messageBox Use-After-Free Vulnerability (ZDI-18-1190)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-17661
        - Zero Day Initiative: ZDI-18-1190
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application

    37669: HTTP: Delta Industrial Automation CNCSoft ScreenEditor Buffer Overflow Vulnerability (ZDI-19-417)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2019-10947
        - Zero Day Initiative: ZDI-19-417
      - Classification: Vulnerability - Buffer/Heap Overflow
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application

    37670: HTTP: Foxit Reader XFA TimeField getItemState Use-After-Free Vulnerability (ZDI-18-1228)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-17651
        - Zero Day Initiative: ZDI-18-1228
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application

    37677: HTTP: Foxit PhantomPDF HTML2PDF HTML Parsing Information Disclosure Vulnerability (ZDI-19-439)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects and attempt to exploit an information disclosure vulnerability in Foxit PhantomPDF.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2019-6765
        - Zero Day Initiative: ZDI-19-439
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application

    37678: HTTP: Delta Industrial Automation CNCSoft Information Disclosure Vulnerability (ZDI-19-418)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2019-10949
        - Zero Day Initiative: ZDI-19-418
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application

    37679: HTTP: Delta Industrial Automation CNCSoft Information Disclosure Vulnerability (ZDI-19-415)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2019-10949
        - Zero Day Initiative: ZDI-19-415
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application

    37680: HTTP: Delta Industrial Automation CNCSoft Information Disclosure Vulnerability (ZDI-19-413)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Delta Industrial Automation CNCSoft ScreenEditor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2019-10949
        - Zero Day Initiative: ZDI-19-413
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application

    37681: TCP: Oracle Weblogic Server Java Deserialization Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a Java deserialization vulnerability in Oracle WebLogic Server.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2016-0638
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    33162: HTTP: Microsoft Windows vcf File Security Bypass Vulnerability (ZDI-19-013)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    34585: HTTP: HPE IMC Code Execution Vulnerability (ZDI-19-522,523,524,ZDI-20-159,161,190)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "34585: ZDI-CAN-6874,6877,6878,8988,8982,9008: Zero Day Initiative Vulnerability (HPE IMC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    35351: HTTP: Adobe Photoshop JSX File Information Disclosure Vulnerability (ZDI-19-775)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35351: ZDI-CAN-8503: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    35352: HTTP: Adobe Photoshop JSX File ExtendScript Denial-of-Service Vulnerability (ZDI-19-776)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35352: ZDI-CAN-8504: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    35353: HTTP: Adobe Photoshop JSX File ExtendScript Code Execution Vulnerability (ZDI-19-777)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35353: ZDI-CAN-8505: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    35360: HTTP: Adobe Photoshop PostScript File Font Parsing Information Disclosure Vulnerability (ZDI-19-727)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35360: ZDI-CAN-8475: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    35361: HTTP: Adobe Photoshop PostScript File Font Parsing Out-Of-Bounds Write Vulnerability (ZDI-19-728)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "35361: ZDI-CAN-8479: Zero Day Initiative Vulnerability (Adobe Photoshop)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36474: HTTP: Cisco Data Center Network Manager getConfigTemplateFileName SQL Injection (ZDI-20-111)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36474: ZDI-CAN-9356: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36509: HTTP: Cisco Data Center Network Manager AFW Image Upload Directory Traversal (ZDI-20-103)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36509: ZDI-CAN-9305: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36517: HTTP: Cisco Data Center Network Manager setVxlanProperties SQL Injection Vulnerability (ZDI-20-096)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36517: ZDI-CAN-9283: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36541: HTTP: Cisco Data Center Network Manager getOidSanStatList SQL Injection Vulnerability (ZDI-20-068)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36541: ZDI-CAN-9186: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36542: HTTP: Cisco Data Center Network Manager getSanStatEntities SQL Injection Vulnerability (ZDI-20-069)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36542: ZDI-CAN-9187: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36543: HTTP: Cisco Data Center Network Manager getLanStatEntities SQL Injection Vulnerability (ZDI-20-070)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36543: ZDI-CAN-9188: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36544: HTTP: Cisco Data Center Network Manager getLanSwitchListWithoutUsedPorts SQL Injection (ZDI-20-071)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36544: ZDI-CAN-9189: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36588: HTTP: Cisco Data Center Network Manager getLanGigEStatList SQL Injection Vulnerability (ZDI-20-074)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36588: ZDI-CAN-9194: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36606: HTTP: Cisco Data Center Network Manager getLanIslStatJoinList SQL Injection (ZDI-20-075)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36606: ZDI-CAN-9195: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36607: HTTP: Cisco Data Center Network Manager getNpvLinkStatList SQL Injection Vulnerability (ZDI-20-076)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36607: ZDI-CAN-9196: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36608: HTTP: Cisco Data Center Network Manager getLanIslStatList SQL Injection Vulnerability (ZDI-20-077)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36608: ZDI-CAN-9197: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36610: HTTP: Cisco Data Center Network Manager getSanIslStatList SQL Injection Vulnerability (ZDI-20-079)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36610: ZDI-CAN-9199: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36635: DNS: TP-Link Archer A7 DNS Response Stack-based Buffer Overflow Vulnerability (Pwn2Own ZDI-20-333)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36635: PWN2OWN ZDI-CAN-9660: Zero Day Initiative Vulnerability (TP-Link Archer A7)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36660: TCP: MikroTik RouterOS WinBox Authentication Bypass Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36660: TCP: MicroTik RouterOS WinBox Authentication Bypass Vulnerability".
      - Detection logic updated.

    36741: HTTP: Advantech WebAccess/NMS reflashEventLog SQL Injection Vulnerability (ZDI-20-381)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36741: ZDI-CAN-9574: Zero Day Initiative Vulnerability (Advantech WebAccess/NMS)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36898: HTTP: Microsoft Windows JET Database Engine Buffer Overflow Vulnerability (ZDI-20-458)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36898: ZDI-CAN-10057: Zero Day Initiative Vulnerability (Microsoft JET Database)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36899: HTTP: Microsoft Windows JET Database Engine Out-Of-Bounds Write Vulnerability (ZDI-20-457)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36899: ZDI-CAN-10059: Zero Day Initiative Vulnerability (Microsoft JET Database)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36979: HTTP: Microsoft Windows JET Database Engine Memory Corruption Vulnerability (ZDI-20-461)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36979: ZDI-CAN-10063: Zero Day Initiative Vulnerability (Microsoft JET Database)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36980: HTTP: Microsoft Windows JET Database Engine Memory Corruption Vulnerability (ZDI-20-464)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36980: ZDI-CAN-10062: Zero Day Initiative Vulnerability (Microsoft JET Database)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36981: HTTP: Microsoft Windows JET Database Engine Out-Of-Bounds Write Vulnerability (ZDI-20-463)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36981: ZDI-CAN-10061: Zero Day Initiative Vulnerability (Microsoft JET Database)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 37264: HTTP: Google Chrome JSCreate Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37264: HTTP: Google Chrome kJSCreate Memory Corruption Vulnerability".
      - Detection logic updated.

    37279: HTTP: Microsoft Windows JET Database Engine Integer Underflow Vulnerability (ZDI-20-460)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37279: ZDI-CAN-9968: Zero Day Initiative Vulnerability (Microsoft JET Database)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    37298: TCP: Oracle WebLogic Server T3 Protocol Java Deserialization Vulnerability (ZDI-20-504)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37298: ZDI-CAN-10341: Zero Day Initiative Vulnerability (Oracle WebLogic Server)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    37332: HTTP: Delta Industrial Automation DPB File Parsing GifName Buffer Overflow Vulnerability(ZDI-20-308)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37332: ZDI-CAN-10141: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    13855: TCP: XML External Entity (XXE) Usage
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    32061: HTTP: Fuji Electric V-Server VPR File Parsing Buffer Overflow Vulnerability (ZDI-18-1011-12)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "32061: HTTP: Fuji Electric V-Server VPR File Parsing Buffer Overflow Vulnerability (ZDI-18-1012)".
      - Description updated.
      - Vulnerability references updated.

    33572: HTTP: HPE Intelligent Management Center Expression Language Injection Vulnerability (ZDI-19-240) 
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    33573: HTTP: HPE Intelligent Management Center faultParasSet Expression Language Injection (ZDI-19-234) 
      - IPS Version: 3.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    33663: HTTP: HPE Intelligent Management Center Remote Code Execution Vulnerability (ZDI-19-266)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    33664: HTTP: HPE Intelligent Management Center Remote Code Execution Vulnerability (ZDI-19-267)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    33665: HTTP: HPE Intelligent Management Center Remote Code Execution Vulnerability (ZDI-19-268)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    33666: HTTP: HPE Intelligent Management Center Remote Code Execution Vulnerability (ZDI-19-269,ZDI-20-179)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "33666: HTTP: HPE Intelligent Management Center Remote Code Execution Vulnerability (ZDI-19-269)".
      - Description updated.
      - Vulnerability references updated.

    33667: HTTP: HPE Intelligent Management Center Remote Code Execution Vulnerability (ZDI-19-271,ZDI-20-174)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "33667: HTTP: HPE Intelligent Management Center Remote Code Execution Vulnerability (ZDI-19-271)".
      - Description updated.
      - Vulnerability references updated.

    33668: HTTP: HPE Intelligent Management Center Remote Code Execution Vulnerability (ZDI-19-263,ZDI-20-184)
      - IPS Version: 3.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "33668: HTTP: HPE Intelligent Management Center select Expression Language Injection (ZDI-19-263) ".
      - Description updated.
      - Vulnerability references updated.

    33670: HTTP: HPE Intelligent Management Center Remote Code Execution Vulnerability (ZDI-19-260,ZDI-20-169)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "33670: HTTP: HPE Intelligent Management Center Expression Language Injection Vulnerability (ZDI-19-260) ".
      - Description updated.
      - Vulnerability references updated.

    33839: HTTP: HPE Intelligent Management Center Code Execution Vulnerability (ZDI-19-340,ZDI-20-168)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "33839: HTTP: HPE Intelligent Management Center selViewNavContent Code Execution Vulnerability (ZDI-19-340)".
      - Description updated.
      - Vulnerability references updated.

    33841: HTTP: HPE Intelligent Management Center Remote Code Execution Vulnerability (ZDI-19-298,ZDI-20-150)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "33841: HTTP: HPE Intelligent Management Center Code Execution Vulnerability (ZDI-19-298)".
      - Description updated.
      - Vulnerability references updated.

    33842: HTTP: HPE Intelligent Management Center Code Execution Vulnerability (ZDI-19-297,ZDI-20-170)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "33842: HTTP: HPE Intelligent Management Center Code Execution Vulnerability (ZDI-19-297)".
      - Description updated.
      - Vulnerability references updated.

    33849: HTTP: HPE Intelligent Management Center sshConfig Code Execution Vulnerability (ZDI-19-301,20-187)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "33849: HTTP: HPE Intelligent Management Center sshConfig Code Execution Vulnerability (ZDI-19-301)".
      - Description updated.
      - Vulnerability references updated.

    33850: HTTP: HPE Intelligent Management Center Expression Language Injection Vulnerability (ZDI-19-296)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    33851: HTTP: HPE Intelligent Management Center Code Execution Vulnerability (ZDI-19-302)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    33856: HTTP: HPE Intelligent Management Center Code Execution Vulnerability (ZDI-19-338)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    33857: HTTP: HPE IMC wmiConfigContent Code Execution Vulnerability (ZDI-19-337,ZDI-20-194)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "33857: HTTP: HPE Intelligent Management Center wmiConfigContent Code Execution Vulnerability (ZDI-19-337)".
      - Description updated.
      - Vulnerability references updated.

    33989: HTTP: HPE Intelligent Management Center iccSelectDevType Expression Language Injection (ZDI-19-452) 
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.

    37010: ZDI-CAN-10052,10053: Zero Day Initiative Vulnerability (Multiple Adobe Products)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not Available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Vulnerability references updated.

    37331: HTTP: Microsoft Excel XLSM File Information Disclosure Vulnerability (ZDI-20-469)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37331: HTTP: Microsoft Excel XLSM File Information Disclosure Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    * 37481: HTTP: rConfig Network Device Configuration Tool commands.inc.php SQL Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37481: HTTP: rConfig commands.inc.php SQL Injection Vulnerability".

  Removed Filters: None
  
Top of the Page
Premium
Internal
Partner
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
TP000251030
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.