From b78b805b0b4c3e8489ebb6169918dcb1df829e5c Mon Sep 17 00:00:00 2001 From: Vaibhav Singhal Date: Tue, 11 Feb 2025 12:12:15 -0800 Subject: [PATCH 1/3] Release-Feb-11-2025 --- src/content/changelogs/waf.yaml | 7 +- .../docs/waf/change-log/2025-02-11.mdx | 92 +++++++++++++++++++ .../docs/waf/change-log/scheduled-changes.mdx | 61 +++++------- 3 files changed, 122 insertions(+), 38 deletions(-) create mode 100644 src/content/docs/waf/change-log/2025-02-11.mdx diff --git a/src/content/changelogs/waf.yaml b/src/content/changelogs/waf.yaml index 83e9e740373bec..d96cff96ca3276 100644 --- a/src/content/changelogs/waf.yaml +++ b/src/content/changelogs/waf.yaml @@ -5,11 +5,14 @@ productLink: "/waf/" productArea: Application security productAreaLink: /fundamentals/reference/changelog/security/ entries: - - publish_date: "2025-02-03" - scheduled_date: "2025-02-10" + - publish_date: "2025-02-11" + scheduled_date: "2025-02-18" individual_page: true scheduled: true link: "/waf/change-log/scheduled-changes/" + - publish_date: "2025-02-11" + individual_page: true + link: "/waf/change-log/2025-02-11/" - publish_date: "2025-01-21" individual_page: true link: "/waf/change-log/2025-01-21/" diff --git a/src/content/docs/waf/change-log/2025-02-11.mdx b/src/content/docs/waf/change-log/2025-02-11.mdx new file mode 100644 index 00000000000000..8ecdedf143cc58 --- /dev/null +++ b/src/content/docs/waf/change-log/2025-02-11.mdx @@ -0,0 +1,92 @@ +--- +title: "2025-02-11" +type: table +pcx_content_type: changelog +sidebar: + order: 803 +tableOfContents: false +--- + +import { RuleID } from "~/components"; + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionComments
Cloudflare Managed Rulesets + + 100708Aviatrix Network - Remote Code Execution - CVE:CVE-2024-50603LogBlockThis is a New Detection
Cloudflare Managed Rulesets + + 100709Next.js - Remote Code Execution - CVE:CVE-2024-46982LogBlockThis is a New Detection
Cloudflare Managed Rulesets + + 100710Progress Software WhatsUp Gold - Directory Traversal - CVE:CVE-2024-12105LogBlockThis is a New Detection
Cloudflare Managed Rulesets + + 100711WordPress - Remote Code Execution - CVE:CVE-2024-56064LogBlockThis is a New Detection
Cloudflare Managed Rulesets + + 100712WordPress - Remote Code Execution - CVE:CVE-2024-9047LogBlockThis is a New Detection
Cloudflare Managed Rulesets + + 100713FortiOS - Auth Bypass - CVE:CVE-2022-40684LogBlockThis is a New Detection
\ No newline at end of file diff --git a/src/content/docs/waf/change-log/scheduled-changes.mdx b/src/content/docs/waf/change-log/scheduled-changes.mdx index eba5dd786d51f9..e7debfd997df6e 100644 --- a/src/content/docs/waf/change-log/scheduled-changes.mdx +++ b/src/content/docs/waf/change-log/scheduled-changes.mdx @@ -23,69 +23,58 @@ import { RuleID } from "~/components"; - 2025-02-03 - 2025-02-10 + 2025-02-11 + 2025-02-18 Log - 100708 + 100715 - + - Aviatrix Network - Remote Code Execution - CVE:CVE-2024-50603 + FortiOS - Auth Bypass - CVE:CVE-2024-55591 This is a New Detection - 2025-02-03 - 2025-02-10 + 2025-02-11 + 2025-02-18 Log - 100709 + 100716 - + - Next.js - Remote Code Execution - CVE:CVE-2024-46982 + Ivanti - Auth Bypass - CVE:CVE-2021-44529 This is a New Detection - 2025-02-03 - 2025-02-10 + 2025-02-11 + 2025-02-18 Log - 100710 + 100717 - + - Progress Software WhatsUp Gold - Directory Traversal - CVE:CVE-2024-12105 + SimpleHelp - Auth Bypass - CVE:CVE-2024-57727 This is a New Detection - 2025-02-03 - 2025-02-10 + 2025-02-11 + 2025-02-18 Log - 100711 + 100718 - + -WordPress - Remote Code Execution - CVE:CVE-2024-56064 + SonicWall SSLVPN - Auth Bypass - CVE:CVE-2024-53704 This is a New Detection - 2025-02-03 - 2025-02-10 + 2025-02-11 + 2025-02-18 Log - 100712 + 100719 - + -WordPress - Remote Code Execution - CVE:CVE-2024-9047 - This is a New Detection - - - 2025-02-03 - 2025-02-10 - Log - 100713 - - - - FortiOS - Auth Bypass - CVE:CVE-2022-40684 + Yeti Platform - Auth Bypass - CVE:CVE-2024-46507 This is a New Detection From 111724cbbf36937ed766dd14f240990bdd2af127 Mon Sep 17 00:00:00 2001 From: Vaibhav Singhal Date: Tue, 11 Feb 2025 14:13:04 -0800 Subject: [PATCH 2/3] Release-Feb-11-2025 --- src/content/docs/waf/change-log/scheduled-changes.mdx | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/content/docs/waf/change-log/scheduled-changes.mdx b/src/content/docs/waf/change-log/scheduled-changes.mdx index e7debfd997df6e..b2780201ab9562 100644 --- a/src/content/docs/waf/change-log/scheduled-changes.mdx +++ b/src/content/docs/waf/change-log/scheduled-changes.mdx @@ -28,7 +28,7 @@ import { RuleID } from "~/components"; Log 100715 - + FortiOS - Auth Bypass - CVE:CVE-2024-55591 This is a New Detection @@ -39,7 +39,7 @@ import { RuleID } from "~/components"; Log 100716 - + Ivanti - Auth Bypass - CVE:CVE-2021-44529 This is a New Detection @@ -50,7 +50,7 @@ import { RuleID } from "~/components"; Log 100717 - + SimpleHelp - Auth Bypass - CVE:CVE-2024-57727 This is a New Detection @@ -61,7 +61,7 @@ import { RuleID } from "~/components"; Log 100718 - + SonicWall SSLVPN - Auth Bypass - CVE:CVE-2024-53704 This is a New Detection @@ -72,7 +72,7 @@ import { RuleID } from "~/components"; Log 100719 - + Yeti Platform - Auth Bypass - CVE:CVE-2024-46507 This is a New Detection From 3fa028ca409998210dc2e9a8ff0d5826300c1713 Mon Sep 17 00:00:00 2001 From: Vaibhav Singhal Date: Tue, 11 Feb 2025 15:28:06 -0800 Subject: [PATCH 3/3] Release-Feb-11-2025 --- src/content/docs/waf/change-log/2025-02-11.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/docs/waf/change-log/2025-02-11.mdx b/src/content/docs/waf/change-log/2025-02-11.mdx index 8ecdedf143cc58..53e37b831f28dc 100644 --- a/src/content/docs/waf/change-log/2025-02-11.mdx +++ b/src/content/docs/waf/change-log/2025-02-11.mdx @@ -41,7 +41,7 @@ import { RuleID } from "~/components"; 100709 Next.js - Remote Code Execution - CVE:CVE-2024-46982 Log - Block + Disabled This is a New Detection