From e738380a3b613e0646cda2bfbaa1045e9dbca5e0 Mon Sep 17 00:00:00 2001 From: Vaibhav Singhal Date: Fri, 13 Dec 2024 14:53:52 -0800 Subject: [PATCH] Release-Dec-16-2024 --- src/content/changelogs/waf.yaml | 4 +- .../docs/waf/change-log/scheduled-changes.mdx | 203 ++++++++++++++---- 2 files changed, 164 insertions(+), 43 deletions(-) diff --git a/src/content/changelogs/waf.yaml b/src/content/changelogs/waf.yaml index 3ced23bb467a5aa..7d9b57dd97f3805 100644 --- a/src/content/changelogs/waf.yaml +++ b/src/content/changelogs/waf.yaml @@ -5,8 +5,8 @@ productLink: "/waf/" productArea: Application security productAreaLink: /fundamentals/reference/changelog/security/ entries: - - publish_date: "2024-12-09" - scheduled_date: "2024-12-16" + - publish_date: "2024-12-16" + scheduled_date: "2025-01-06" individual_page: true scheduled: true link: "/waf/change-log/scheduled-changes/" diff --git a/src/content/docs/waf/change-log/scheduled-changes.mdx b/src/content/docs/waf/change-log/scheduled-changes.mdx index 022a4577a1430cc..cbdfcb04d242368 100644 --- a/src/content/docs/waf/change-log/scheduled-changes.mdx +++ b/src/content/docs/waf/change-log/scheduled-changes.mdx @@ -24,29 +24,29 @@ import { RuleID } from "~/components"; 2024-12-09 - 2024-12-16 + 2025-01-06 Block - 100683 + 100678 - + - CyberPanel - Remote Code Execution - CVE:CVE-2024-51567 + Pandora FMS - Remote Code Execution - CVE:CVE-2024-11320 This is a New Detection 2024-12-09 - 2024-12-16 + 2025-01-06 Block - 100685 + 100679 - + - CyberPanel - Remote Code Execution - CVE:CVE-2024-51568 + Palo Alto Networks - Remote Code Execution - CVE:CVE-2024-0012, CVE:CVE-2024-9474 This is a New Detection 2024-12-09 - 2024-12-16 + 2025-01-06 Block 100680 @@ -57,91 +57,212 @@ import { RuleID } from "~/components"; 2024-12-09 - 2024-12-16 + 2025-01-06 Block - 100682 + 100681 - + - Magento - XXE - CVE:CVE-2024-34102 + Really Simple Security - Auth Bypass - CVE:CVE-2024-10924 This is a New Detection 2024-12-09 - 2024-12-16 + 2025-01-06 Block - 100684 + 100682 - + - Microsoft SharePoint - Remote Code Execution - CVE:CVE-2024-38094, CVE:CVE-2024-38024, CVE:CVE-2024-38023 + Magento - XXE - CVE:CVE-2024-34102 This is a New Detection 2024-12-09 - 2024-12-16 + 2025-01-06 Block - 100679 + 100683 - + - Palo Alto Networks - Remote Code Execution - CVE:CVE-2024-0012, CVE:CVE-2024-9474 + CyberPanel - Remote Code Execution - CVE:CVE-2024-51567 This is a New Detection 2024-12-09 - 2024-12-16 + 2025-01-06 Block - 100678 + 100684 - + - Pandora FMS - Remote Code Execution - CVE:CVE-2024-11320 + Microsoft SharePoint - Remote Code Execution - CVE:CVE-2024-38094, CVE:CVE-2024-38024, CVE:CVE-2024-38023 This is a New Detection 2024-12-09 - 2024-12-16 + 2025-01-06 Block - 100688 + 100685 - + - ProjectSend - Remote Code Execution - CVE:CVE-2024-11680 + CyberPanel - Remote Code Execution - CVE:CVE-2024-51568 This is a New Detection 2024-12-09 - 2024-12-16 + 2025-01-06 Block - 100681 + 100686 - + - Really Simple Security - Auth Bypass - CVE:CVE-2024-10924 + Seeyon - Remote Code Execution This is a New Detection 2024-12-09 - 2024-12-16 + 2025-01-06 Block - 100686 + 100687 - + - Seeyon - Remote Code Execution + WordPress - Remote Code Execution - CVE:CVE-2024-10781, CVE:CVE-2024-10542 This is a New Detection 2024-12-09 - 2024-12-16 + 2025-01-06 Block - 100687 + 100688 - + - WordPress - Remote Code Execution - CVE:CVE-2024-10781, CVE:CVE-2024-10542 + ProjectSend - Remote Code Execution - CVE:CVE-2024-11680 This is a New Detection + + 2024-12-16 + 2025-01-06 + Block + 100689 + + + + Palo Alto GlobalProtect - Remote Code Execution - CVE:CVE-2024-5921 + This is a New Detection + + + 2024-12-16 + 2025-01-06 + Block + 100690 + + + + Ivanti - Remote Code Execution - CVE:CVE-2024-37404 + This is a New Detection + + + 2024-12-16 + 2025-01-06 + Block + 100691 + + + + Array Networks - Remote Code Execution - CVE:CVE-2023-28461 + This is a New Detection + + + 2024-12-16 + 2025-01-06 + Block + 100692 + + + + CyberPanel - Remote Code Execution - CVE:CVE-2024-51378 + This is a New Detection + + + 2024-12-16 + 2025-01-06 + Block + 100693 + + + + Symfony Profiler - Auth Bypass - CVE:CVE-2024-50340 + This is a New Detection + + + 2024-12-16 + 2025-01-06 + Block + 100694 + + + + Citrix Virtual Apps - Remote Code Execution - CVE:CVE-2024-8069 + This is a New Detection + + + 2024-12-16 + 2025-01-06 + Block + 100695 + + + + MSMQ Service - Remote Code Execution - CVE:CVE-2023-21554 + This is a New Detection + + + 2024-12-16 + 2025-01-06 + Block + 100696 + + + + Nginxui - Remote Code Execution - CVE:CVE-2024-49368 + This is a New Detection + + + 2024-12-16 + 2025-01-06 + Block + 100697 + + + + Apache ShardingSphere - Remote Code Execution - CVE:CVE-2022-22733 + This is a New Detection + + + 2024-12-16 + 2025-01-06 + Block + 100698 + + + + Mitel MiCollab - Auth Bypass - CVE:CVE-2024-41713 + This is a New Detection + + + 2024-12-16 + 2025-01-06 + Block + 100699 + + + + Apache Solr - Auth Bypass - CVE:CVE-2024-45216 + This is a New Detection +