Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Digital Vaccine #9537

    • Updated:
    • 12 May 2021
    • Product/Version:
    • TippingPoint Digital Vaccine
    • Platform:
Summary
Digital Vaccine #9537      May 11, 2021
Details
Public
 
Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs.

New content is now available at the Threat Management Center (TMC): https://tmc.tippingpoint.com.
 
System Requirements
The 3.2.0 DV will run on IPS devices with TOS v3.2.0 and above,  and all TPS systems. The 4.0.0 DV will only run on the Virtual Threat Protection System (vTPS) appliance. Please note that vTPS does not currently support pre-disclosed ZDI filters.
 
Microsoft Security Bulletins
This DV includes coverage for the Microsoft vulnerabilities released on or before May 11, 2021. The following table maps TippingPoint filters to the Microsoft CVEs.
CVEFilterStatus
CVE-2020-24587 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2020-24588 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2020-26144 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-26418 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-2641939664 
CVE-2021-26421 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-26422 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-27068 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-28455 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-28461 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-28465*38934, *39316 
CVE-2021-28476 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-28478 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-28479 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31165 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31166 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31167 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31168 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31169 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31170 Not Network Visible
CVE-2021-31171 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31172 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31173 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31174 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31175*39585 
CVE-2021-31176*39080 
CVE-2021-31177*39079 
CVE-2021-31178 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31179 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31180 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31181*39100 
CVE-2021-31182 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31184 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31185 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31186 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31187 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31188 Not Network Visible
CVE-2021-31190 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31191 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31192 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31193 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31194 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31195 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31198 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31200 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31204 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31205 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31207 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31208 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31209 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31211 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31213 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31214 Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2021-31936 Vendor Deemed Reproducibility or Exploitation Unlikely
Filters marked with * shipped prior to this DV, providing zero-day protection.
 
Adobe Security Bulletins
This DV includes coverage for the Adobe vulnerabilities released on or before May 11, 2021. The following table maps TippingPoint filters to the Adobe CVEs.
BulletinCVEFilterStatus
APSB21-29CVE-2021-2855039685 
APSB21-29CVE-2021-28553 Vendor Deemed Reproducibility or Exploitation Unlikely
APSB21-29CVE-2021-28555 Vendor Deemed Reproducibility or Exploitation Unlikely
APSB21-29CVE-2021-28557 Vendor Deemed Reproducibility or Exploitation Unlikely
APSB21-29CVE-2021-28558 Vendor Deemed Reproducibility or Exploitation Unlikely
APSB21-29CVE-2021-28559 Vendor Deemed Reproducibility or Exploitation Unlikely
APSB21-29CVE-2021-2856039686 
APSB21-29CVE-2021-28561 Vendor Deemed Reproducibility or Exploitation Unlikely
APSB21-29CVE-2021-28562 Vendor Deemed Reproducibility or Exploitation Unlikely
APSB21-29CVE-2021-28564 Vendor Deemed Reproducibility or Exploitation Unlikely
APSB21-29CVE-2021-28565 Vendor Deemed Reproducibility or Exploitation Unlikely
Filters marked with * shipped prior to this DV, providing zero-day protection.
 
The Digital Vaccine can be manually downloaded from the following URLs:
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=digital_vaccines&contentId=SIG_3.2.0_9537.pkg
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=vsa_dv&contentId=SIG_VTPS_4.0.0_9537.pkg

Update Details

Table of Contents
--------------------------

Filters
 New Filters - 48
 Modified Filters (logic changes) - 24
 Modified Filters (metadata changes only) - 1
 Removed Filters - 1

Filters
----------------
  New Filters: 

    38748: HTTP: Oracle Business Intelligence APSWebModule Deserialization Vulnerability (ZDI-21-452)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a deserialization vulnerability affecting Oracle Business Intelligence.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-2244
        - Zero Day Initiative: ZDI-21-452
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    38822: HTTP: Oracle OSS Support Tools Diagnostic Assistant Arbitrary File Upload Vulnerability (ZDI-21-458)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit an arbitrary file upload vulnerability in Oracle OSS.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-2303 CVSS 4.9
        - Zero Day Initiative: ZDI-21-458
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39050: HTTPS: Amazon Web Services Amazon Comprehend Medical DescribeICD10CMInferenceJob Request
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects an Amazon Web Services (AWS) Amazon Comprehend Medical DescribeICD10CMInferenceJob request.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39051: HTTPS: Amazon Web Services Amazon Comprehend Medical DescribePHIDetectionJob Request
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects an Amazon Web Services (AWS) Amazon Comprehend Medical DescribePHIDetectionJob request.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39054: HTTPS: Amazon Web Services Amazon Comprehend Medical DetectEntitiesV2 Request
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects an Amazon Web Services (AWS) Amazon Comprehend Medical DetectEntitiesV2 request.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39055: HTTPS: Amazon Web Services Amazon Comprehend Medical DetectPHI Request
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects an Amazon Web Services (AWS) Amazon Comprehend Medical DetectPHI request.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39056: HTTPS: Amazon Web Services Amazon Comprehend Medical InferICD10CM Request
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects an Amazon Web Services (AWS) Amazon Comprehend Medical InferICD10CM request.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: May 11, 2021

    39057: HTTPS: Amazon Web Services Amazon Comprehend Medical InferRxNorm Request
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects an Amazon Web Services (AWS) Amazon Comprehend Medical InferRxNorm request.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39058: HTTPS: Amazon Web Services Amazon Comprehend Medical ListEntitiesDetectionV2Jobs Request
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects an Amazon Web Services (AWS) Amazon Comprehend Medical ListEntitiesDetectionV2Jobs request.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39059: HTTPS: Amazon Web Services Amazon Comprehend Medical ListICD10CMInferenceJobs Request
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects an Amazon Web Services (AWS) Amazon Comprehend Medical ListICD10CMInferenceJobs request.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39060: HTTPS: Amazon Web Services Amazon Comprehend Medical ListPHIDetectionJobs Request
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects an Amazon Web Services (AWS) Amazon Comprehend Medical ListPHIDetectionJobs request.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39098: ZDI-CAN-12949: Zero Day Initiative Vulnerability (Microsoft SharePoint)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft SharePoint.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: May 11, 2021

    39594: ZDI-CAN-13454: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: May 11, 2021

    39638: HTTP: Atlassian Jira Enumerate Users Request
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects a request to enumerate users in Atlassian Jira.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2019-3403
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39639: HTTP: Google Chrome V8 Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Google Chrome V8.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-6507
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Other Client Application
      - Release Date: May 11, 2021

    39640: HTTP: GetSimple CMS Cross-Site Scripting Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in GetSimple CMS.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-23839
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39641: HTTP: XStream Library Insecure Deserialization Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in the XStream library.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-21350
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39642: HTTP: Apache Commons BCEL JAXP ClassLoader Request
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects an attempt to load a Java class with the Byte Code Engineering Library (Apache Commons BCEL) through JAXP (Java API for XML Processing).
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-21350
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39643: HTTP: Apache Commons BCEL JSON ClassLoader Request
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects an attempt to load a Java class with the Byte Code Engineering Library (Apache Commons BCEL) through JSON.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39644: HTTP: Nagios XI Monitoring Plugins Command Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in Nagios XI.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-35578
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39645: HTTP: Nagios XI Login Request
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects an attempt to login to Nagios XI.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39646: HTTP: XStream Library Insecure Deserialization Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in the XStream library.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-21346
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39647: HTTP: XStream Library Insecure Deserialization Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in the XStream library.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-21351
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39648: HTTP: XStream Library Insecure Deserialization Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in the XStream library.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-21347
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39649: HTTP: XStream Library Insecure Deserialization Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in the XStream library.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-21345
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39650: HTTP: Chromium File System API Security Bypass Vulnerability 
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a security bypass vulnerability in Chromium.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-21123
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: May 11, 2021

    39651: HTTP: LibTIFF tiff2pdf Converter Out-Of-Bounds Read Vulnerability (ZDI-20-1439)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in LibTIFF.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Zero Day Initiative: ZDI-20-1439
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: May 11, 2021

    39659: HTTP: Jenkins Artifact Repository Parameter Plugin Stored Cross-Site Scripting Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a stored cross-site vulnerability in Jenkins Artifact Repository Parameter Plugin.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-21622 CVSS 3.5
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39661: HTTP: Eaton Intelligent Power Management meta_driver_srv saveDriverData Arbitrary File Deletion
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an arbitrary file deletion vulnerability in Eaton Intelligent Power Manager and Eaton Intelligent Power Protector.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-23279 CVSS 6.4
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39662: HTTP: D-Link DSL-2640B ADSL Router DNS Change Detection
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects an HTTP request of a router DNS change in D-Link DSL-2640B ADSL Router.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Networked Hardware Device Application or Service
      - Release Date: May 11, 2021

    39663: HTTP: WordPress XML External Entity Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit an XXE injection vulnerability in WordPress.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-29447
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39664: HTTP: Microsoft Windows Script Engine Argument Length Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Microsoft Windows.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-26419
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Windows Client Application
      - Release Date: May 11, 2021

    39665: ZDI-CAN-13460: Zero Day Initiative Vulnerability (SolarWinds Orion)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting SolarWinds Orion.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: May 11, 2021

    39666: ZDI-CAN-13551: Zero Day Initiative Vulnerability (MySQL InnoDB)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting MySQL InnoDB.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: May 11, 2021

    39670: HTTP: Dolibarr ERP CRM Arbitrary File Upload Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an arbitrary upload vulnerability in Dolibarr ERP CRM.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-14209
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

    39671: ZDI-CAN-13803: Zero Day Initiative Vulnerability (Trend Micro Apex One)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against exploitation of a zero-day vulnerability affecting Trend Micro Apex One.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: May 11, 2021

    39672: ZDI-CAN-13758: Zero Day Initiative Vulnerability (Microsoft Windows)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against exploitation of a zero-day vulnerability affecting Microsoft Windows.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: May 11, 2021

    39673: ZDI-CAN-13713: Zero Day Initiative Vulnerability (Microsoft Windows 3D Viewer)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against exploitation of a zero-day vulnerability affecting Microsoft Windows 3D Viewer.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Performance-Optimized (Disabled)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: May 11, 2021

    39675: ZDI-CAN-13686: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Fuji Electric Tellus Lite.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: May 11, 2021

    39676: ZDI-CAN-13685: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Fuji Electric Tellus Lite.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: May 11, 2021

    39677: ZDI-CAN-13684: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Fuji Electric Tellus Lite.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: May 11, 2021

    39678: ZDI-CAN-13553: Zero Day Initiative Vulnerability (Schneider Electric Struxureware)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Schneider Electric Struxureware.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: May 11, 2021

    39681: ZDI-CAN-13549: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: May 11, 2021

    39682: ZDI-CAN-13550: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: May 11, 2021

    39685: HTTP: Adobe Acrobat Reader Annots.api Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-28550
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: May 11, 2021

    39686: HTTP: Adobe Acrobat Reader JPEG2000 Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-28560
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: May 11, 2021

    39687: HTTP: Microsoft Exchange Server Insecure Deserialization Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in Microsoft Exchange Server.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-28482
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Windows Server Application or Service
      - Release Date: May 11, 2021

    39688: HTTP: Joomla com_media Config File Upload
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Moderate
      - Description: This filter detects the upload of a config file to Joomla.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-23132
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: May 11, 2021

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    37077: UDP: D-Link Devices Unauthenticated Command Execution Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Release Date: February 25, 2020
      - Last Modified Date: May 11, 2021

    38351: HTTP: Apache Tapestry ContextAssetRequestHandler Information Disclosure Vulnerability (ZDI-21-491)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38351: ZDI-CAN-12101: Zero Day Initiative Vulnerability (Apache Tapestry)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 03, 2020
      - Last Modified Date: May 11, 2021

    38394: HTTP: NETGEAR ProSAFE NMS ReportTemplateController Directory Traversal Vulnerability (ZDI-21-355)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 17, 2020
      - Last Modified Date: May 11, 2021

    38585: HTTP: Advantech WebAccess/HMI Designer PLF File Parsing Memory Corruption Vulnerability (ZDI-21-441)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38585: ZDI-CAN-12280: Zero Day Initiative Vulnerability (Advantech WebAccess/HMI Designer)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: December 15, 2020
      - Last Modified Date: May 11, 2021

    38595: HTTP: Advantech WebAccess/HMI Designer SNF File Parsing Memory Corruption Vulnerability (ZDI-21-442)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38595: ZDI-CAN-12477: Zero Day Initiative Vulnerability (Advantech WebAccess/HMI Designer)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: December 15, 2020
      - Last Modified Date: May 11, 2021

    38667: HTTP: Autodesk FBX Review FBX File Parsing Out-Of-Bounds Write Vulnerability (ZDI-21-470)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38667: ZDI-CAN-12199: Zero Day Initiative Vulnerability (Autodesk FBX)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: January 05, 2021
      - Last Modified Date: May 11, 2021

    38668: HTTP: Autodesk FBX Review FBX File Parsing Out-Of-Bounds Write Vulnerability (ZDI-21-471)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38668: ZDI-CAN-12200: Zero Day Initiative Vulnerability (Autodesk FBX)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: January 05, 2021
      - Last Modified Date: May 11, 2021

    38669: HTTP: Autodesk FBX Review FBX File Parsing Out-Of-Bounds Write Vulnerability (ZDI-21-469)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38669: ZDI-CAN-12201: Zero Day Initiative Vulnerability (Autodesk FBX)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: January 12, 2021
      - Last Modified Date: May 11, 2021

    38671: HTTP: Autodesk FBX Review FBX File Parsing Untrusted Pointer Dereference Vulnerability (ZDI-21-464)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38671: ZDI-CAN-12211: Zero Day Initiative Vulnerability (Autodesk FBX)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: January 12, 2021
      - Last Modified Date: May 11, 2021

    38672: HTTP: Autodesk FBX Review FBX File Parsing Memory Corruption Vulnerability (ZDI-21-465)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38672: ZDI-CAN-12212: Zero Day Initiative Vulnerability (Autodesk FBX)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: January 12, 2021
      - Last Modified Date: May 11, 2021

    38706: HTTP: Autodesk FBX Review ZIP File Parsing Directory Traversal Vulnerability (ZDI-21-466)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38706: ZDI-CAN-12229: Zero Day Initiative Vulnerability (Autodesk FBX)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: January 19, 2021
      - Last Modified Date: May 11, 2021

    38707: HTTP: Autodesk FBX Review FBX File Parsing Memory Corruption Vulnerability (ZDI-21-467)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38707: ZDI-CAN-12241: Zero Day Initiative Vulnerability (Autodesk FBX)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: January 19, 2021
      - Last Modified Date: May 11, 2021

    38708: HTTP: Autodesk FBX Review FBX File Parsing Use-After-Free Vulnerability (ZDI-21-468)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38708: ZDI-CAN-12242: Zero Day Initiative Vulnerability (Autodesk FBX)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: January 19, 2021
      - Last Modified Date: May 11, 2021

    38717: HTTP: Delta Industrial Automation CNCSoft ScreenEditor Out-Of-Bounds Read Vulnerability (ZDI-21-443)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38717: ZDI-CAN-12419: Zero Day Initiative Vulnerability (Delta Industrial Automation CNCSoft)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: January 19, 2021
      - Last Modified Date: May 11, 2021

    38729: HTTP: Autodesk FBX Review FBX File Parsing Out-Of-Bounds Read Vulnerability (ZDI-21-472)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38729: ZDI-CAN-12613: Zero Day Initiative Vulnerability (Autodesk FBX)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: January 19, 2021
      - Last Modified Date: May 11, 2021

    38730: HTTP: Autodesk FBX Review FBX File Parsing Out-Of-Bounds Read Vulnerability (ZDI-21-473)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38730: ZDI-CAN-12615: Zero Day Initiative Vulnerability (Autodesk FBX)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: January 19, 2021
      - Last Modified Date: May 11, 2021

    38771: HTTP: Delta Industrial Automation CNCSoft-B DOPSoft Out-Of-Bounds Read Vulnerability (ZDI-21-445)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38771: ZDI-CAN-12413: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: January 26, 2021
      - Last Modified Date: May 11, 2021

    38772: HTTP: Delta Industrial Automation CNCSoft-B DOPSoft Out-Of-Bounds Write Vulnerability (ZDI-21-444)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38772: ZDI-CAN-12418: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: January 26, 2021
      - Last Modified Date: May 11, 2021

    38779: HTTP: Delta Industrial Automation CNCSoft-B DOPSoft Out-Of-Bounds Read Vulnerability (ZDI-21-446)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38779: ZDI-CAN-12656: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: January 26, 2021
      - Last Modified Date: May 11, 2021

    38931: HTTP: Schneider Electric C-Bus Toolkit ACCESS SAVE Directory Traversal Vulnerability (ZDI-21-447)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38931: ZDI-CAN-12586: Zero Day Initiative Vulnerability (Schneider Electric C-Bus Toolkit)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 23, 2021
      - Last Modified Date: May 11, 2021

    38932: HTTP: Schneider Electric C-Bus Toolkit Unrestricted File Upload Vulnerability (ZDI-21-449)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38932: ZDI-CAN-12590: Zero Day Initiative Vulnerability (Schneider Electric C-Bus Toolkit)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 23, 2021
      - Last Modified Date: May 11, 2021

    38933: HTTP: Schneider Electric C-Bus Toolkit Directory Traversal Vulnerability (ZDI-21-450)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38933: ZDI-CAN-12604: Zero Day Initiative Vulnerability (Schneider Electric C-Bus Toolkit)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: February 23, 2021
      - Last Modified Date: May 11, 2021

    39366: HTTP: Microsoft Word DOC File Parsing Use-After-Free Vulnerability (ZDI-21-423)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39366: ZDI-CAN-12701: Zero Day Initiative Vulnerability (Microsoft Word)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: March 30, 2021
      - Last Modified Date: May 11, 2021

    * 39565: HTTP: VMware vRealize Operations Manager API Arbitrary File Write Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 20, 2021
      - Last Modified Date: May 11, 2021

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    38823: TCP: Oracle Business Intelligence T3 Protocol Deserialization Vulnerability (ZDI-21-460)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "38823: ZDI-CAN-12609: Zero Day Initiative Vulnerability (Oracle WebLogic Server)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: February 02, 2021
      - Last Modified Date: May 11, 2021

  Removed Filters:

    39620: UDP: D-Link Router Unauthenticated Remote Code Execution Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Release Date: May 04, 2021
      - This filter was merged with Filter 37077.
      
Top of the Page
Premium
Internal
Partner
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
TP000286482
Feedback
Did this article help you?

Thank you for your feedback!


*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.