With the growing complexity of new applications, technology stacks, and evolving attack techniques, we can implement regular improvements in how the Wallarm WAF detects attacks. This month we have added new Scanner rules to detect:
- Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Web Interface Vulnerability — CVE-2020-3452
- Open web interfaces for VMware ESXi, vCenter, and vSphere.
We've also added new rules for detecting attacks in the Wallarm WAF:
- RCE in MobileIron Core & Connector, Sentry and Monitor and Reporting Database (RDB) — CVE-2020-15505
- RCE on some NGINX + PHP-FPM installation configurations — CVE-2019-11043
In addition, Bitrix 0-day LFI detection is available within our WAF and Scanner. We sent notifications and created virtual patches for all clients that have this vulnerability in their applications.