Release notes for update package 1830-5242

This update package improves the detection capabilities of the Forcepoint LLM system.

RELEASE DATE:     Thursday January 30, 2025
MD5 CHECKSUM:     e21c6b7dd756b6f174b6d09ff0ee882a
SHA1 CHECKSUM:     c660768cb657e63bf29b7dd24bee0865fea3a40b
SHA256 CHECKSUM:     c97e231510b709c10ff0054a2f69493d7732b0dde6304555be74183f193d81cc


UPDATE CRITICALITY:    HIGH

List of detected attacks in this update package:

Risk level Description Reference Vulnerability
High     An attempt to exploit a vulnerability in SimpleHelp Remote Support detected     CVE-2024-57727     SimpleHelp-Unauthenticated-Path-Traversal-CVE-2024-57727
High     An attempt to exploit a vulnerability in Fortinet FortiOS detected     CVE-2024-55591     Fortinet-FortiOS-Authentication-Bypass-CVE-2024-55591
High     An attempt to exploit a vulnerability in jQuery detected     CVE-2020-11023     jQuery-Cross-Site-Scripting-CVE-2020-11023
High     An attempt to exploit a vulnerability in Django detected     CVE-2020-9402     Django-GIS-Functions-And-Aggregates-SQL-Injection-CVE-2020-9402
Low     An attempt to exploit a vulnerability in Microsoft Windows detected     CVE-2024-49113     Microsoft-Windows-CLDAP-Out-Of-Bounds-Read-CVE-2024-49113

Jump to: Detected Attacks Other Changes

DETECTED ATTACKS

New detected attacks:

HTTP Request URI

Risk Vulnerability/Situation References Related Fingerprint Situation Type
High Django-GIS-Functions-And-Aggregates-SQL-Injection-CVE-2020-9402 CVE-2020-9402 HTTP_CSU-Django-GIS-Functions-And-Aggregates-SQL-Injection-CVE-2020-9402 Potential Compromise
High SimpleHelp-Unauthenticated-Path-Traversal-CVE-2024-57727 CVE-2024-57727 HTTP_CSU-SimpleHelp-Unauthenticated-Path-Traversal-CVE-2024-57727 Suspected Compromise

HTTP Request Header Line

Risk Vulnerability/Situation References Related Fingerprint Situation Type
High Fortinet-FortiOS-Authentication-Bypass-CVE-2024-55591 CVE-2024-55591 HTTP_CSH-Fortinet-FortiOS-Authentication-Bypass-CVE-2024-55591 Potential Compromise

UDP LDAP Server Stream

Risk Vulnerability/Situation References Related Fingerprint Situation Type
Low Microsoft-Windows-CLDAP-Out-Of-Bounds-Read-CVE-2024-49113 CVE-2024-49113 LDAP-UDP_SS-Microsoft-Windows-CLDAP-Out-Of-Bounds-Read-CVE-2024-49113 Potential Denial of Service

Text File Stream

Risk Vulnerability/Situation References Related Fingerprint Situation Type
High jQuery-Cross-Site-Scripting-CVE-2020-11023 CVE-2020-11023 File-Text_jQuery-Cross-Site-Scripting-CVE-2020-11023 Potential Compromise

Updated detected attacks:

HTTP Request URI

Risk Vulnerability/Situation References Related Fingerprint Situation Type Change Description
High Oracle-JDeveloper-ADF-Faces-Remote-Resource-Loader-Insecure-Deserialization CVE-2022-21445 HTTP_CSU-Oracle-JDeveloper-ADF-Faces-Remote-Resource-Loader-Insecure-Deserialization Potential Compromise
Comment has changed
High Craft-CMS-Remote-Code-Execution-CVE-2024-56145 CVE-2024-56145 HTTP_CSU-Craft-CMS-Remote-Code-Execution-CVE-2024-56145 Suspected Compromise
Fingerprint regexp changed

HTTP Reply Header Line

Risk Vulnerability/Situation References Related Fingerprint Situation Type Change Description
High Oracle-JDeveloper-ADF-Faces-Remote-Resource-Loader-Insecure-Deserialization CVE-2022-21445 HTTP_SHS-Oracle-JDeveloper-ADF-Faces-Remote-Resource-Loader-Insecure-Deserialization Potential Compromise
Comment has changed

LIST OF OTHER CHANGES:

New objects:

Type Name
Category SimpleHelp Remote Support
Category jQuery
Situation File-Text_Possible-Cross-Site-Scripting-In-Img-Tag-Src-Attribute

Updated objects:

Type Name Changes
IPList Rwanda
IPList Somalia
IPList Yemen
IPList Iraq
IPList Saudi Arabia
IPList Iran
IPList Cyprus
IPList Tanzania
IPList Syria
IPList Armenia
IPList Kenya
IPList DR Congo
IPList Uganda
IPList Seychelles
IPList Jordan
IPList Kuwait
IPList Oman
IPList Qatar
IPList Bahrain
IPList United Arab Emirates
IPList Israel
IPList Türkiye
IPList Ethiopia
IPList Eritrea
IPList Egypt
IPList Sudan
IPList Greece
IPList Estonia
IPList Latvia
IPList Azerbaijan
IPList Lithuania
IPList Svalbard and Jan Mayen
IPList Georgia
IPList Moldova
IPList Belarus
IPList Finland
IPList Åland Islands
IPList Ukraine
IPList North Macedonia
IPList Hungary
IPList Bulgaria
IPList Albania
IPList Poland
IPList Romania
IPList Kosovo
IPList Zimbabwe
IPList Zambia
IPList Comoros
IPList Malawi
IPList Botswana
IPList Mauritius
IPList Eswatini
IPList Réunion
IPList South Africa
IPList Mayotte
IPList Mozambique
IPList Madagascar
IPList Afghanistan
IPList Pakistan
IPList Bangladesh
IPList Turkmenistan
IPList Tajikistan
IPList Sri Lanka
IPList Bhutan
IPList India
IPList Maldives
IPList Nepal
IPList Myanmar
IPList Uzbekistan
IPList Kazakhstan
IPList Kyrgyzstan
IPList Palau
IPList Vietnam
IPList Thailand
IPList Indonesia
IPList Taiwan
IPList Philippines
IPList Malaysia
IPList China
IPList Hong Kong
IPList Brunei
IPList Macao
IPList Cambodia
IPList South Korea
IPList Japan
IPList Singapore
IPList Russia
IPList Mongolia
IPList Australia
IPList Christmas Island
IPList Federated States of Micronesia
IPList Papua New Guinea
IPList Vanuatu
IPList New Zealand
IPList Libya
IPList Cameroon
IPList Senegal
IPList Portugal
IPList Liberia
IPList Nigeria
IPList Togo
IPList Mauritania
IPList Gibraltar
IPList Gambia
IPList Chad
IPList Mali
IPList Tunisia
IPList Spain
IPList Morocco
IPList Malta
IPList Algeria
IPList Faroe Islands
IPList Denmark
IPList Iceland
IPList United Kingdom
IPList Switzerland
IPList Sweden
IPList The Netherlands
IPList Austria
IPList Belgium
IPList Germany
IPList Luxembourg
IPList Ireland
IPList Monaco
IPList France
IPList Andorra
IPList Liechtenstein
IPList Jersey
IPList Isle of Man
IPList Guernsey
IPList Slovakia
IPList Czechia
IPList Norway
IPList Vatican City
IPList San Marino
IPList Italy
IPList Slovenia
IPList Montenegro
IPList Croatia
IPList Bosnia and Herzegovina
IPList Angola
IPList Namibia
IPList Bouvet Island
IPList Barbados
IPList French Guiana
IPList Saint Pierre and Miquelon
IPList Paraguay
IPList Uruguay
IPList Brazil
IPList Dominican Republic
IPList Cuba
IPList Martinique
IPList Bermuda
IPList Anguilla
IPList Trinidad and Tobago
IPList St Kitts and Nevis
IPList Antigua and Barbuda
IPList Saint Lucia
IPList Aruba
IPList British Virgin Islands
IPList Saint Martin
IPList Guadeloupe
IPList Cayman Islands
IPList El Salvador
IPList Guatemala
IPList Nicaragua
IPList Costa Rica
IPList Venezuela
IPList Ecuador
IPList Colombia
IPList Panama
IPList Argentina
IPList Chile
IPList Bolivia
IPList Peru
IPList Mexico
IPList Kiribati
IPList Tonga
IPList Northern Mariana Islands
IPList Guam
IPList Puerto Rico
IPList U.S. Virgin Islands
IPList U.S. Outlying Islands
IPList American Samoa
IPList Canada
IPList United States
IPList Palestine
IPList Serbia
IPList Antarctica
IPList South Sudan
IPList TOR exit nodes IP Address List
IPList Amazon AMAZON
IPList Amazon EC2
IPList Akamai Servers
IPList Amazon CODEBUILD
IPList TOR relay nodes IP Address List
IPList Microsoft Azure datacenter for centralindia
IPList Microsoft Azure datacenter for centraluseuap
IPList Microsoft Azure datacenter for centralus
IPList Microsoft Azure datacenter for eastus2euap
IPList Microsoft Azure datacenter for eastus
IPList Microsoft Azure datacenter for japaneast
IPList Microsoft Azure datacenter for westeurope
IPList Microsoft Azure datacenter for westus2
IPList Microsoft Azure datacenter
IPList Salesforce APNIC
IPList Salesforce Community Cloud
IPList Salesforce
IPList Amazon EC2 me-central-1
IPList Amazon AMAZON me-central-1
IPList Botnet IP Address List
IPList Malicious Site IP Address List
IPList Microsoft Azure datacenter for malaysiasouth
IPList NordVPN Servers IP Address List
IPList Zoho Meeting Servers
IPList Amazon AMAZON eu-central-1
IPList Amazon EC2 ap-southeast-5
IPList Forcepoint Drop IP Address List
IPList Amazon AMAZON us-west-2
IPList Amazon EC2 us-west-2
IPList Amazon CODEBUILD us-west-2
IPList Amazon IVS_REALTIME
IPList Microsoft Azure datacenter for uaenorth
IPList GitHub Actions IP Address List
IPList Amazon IVS_REALTIME us-west-2
IPList Microsoft Azure service for AppServiceManagement
IPList Microsoft Azure service for AzureCloud
IPList Microsoft Azure service for PowerBI
IPList Microsoft Azure service for StorageSyncService
IPList Microsoft Azure datacenter for jioindiacentral
IPList Microsoft Azure datacenter for italynorth
IPList Microsoft Azure datacenter for spaincentral
IPList Google Cloud IP Address List for asia-south1
IPList Google Cloud IP Address List for asia-southeast1
IPList Google Cloud IP Address List for asia-southeast2
IPList Google Cloud IP Address List for europe-west1
IPList Google Cloud IP Address List for europe-west4
IPList Google Cloud IP Address List for europe-west9
IPList Google Cloud IP Address List for us-east1
IPList Google Cloud IP Address List for us-east4
IPList Google Cloud IP Address List for us-east5
IPList Google Cloud IP Address List for us-west1
IPList Google Cloud IP Address List for us-west2
IPList Google Cloud IP Address List for us-west4
IPList Microsoft Azure service for AzureSentinel
Situation HTTP_CSU-Shared-Variables
Situation HTTP_CSH-WebSocket-Connection-Request
Fingerprint regexp changed
Application Akamai-Infrastructure
Application TOR
Application Manoto
Application WebSocket
Application NordVPN
Application Zoho-Meeting-App

DISCLAIMER AND COPYRIGHT

Copyright © 2025 Forcepoint
Forcepoint and the FORCEPOINT logo are trademarks of Forcepoint.

All other trademarks used in this document are the property of their respective owners.

Every effort has been made to ensure the accuracy of this document. However, Forcepoint makes no warranties with respect to this documentation and disclaims any implied warranties of merchantability and fitness for a particular purpose. Forcepoint shall not be liable for any error or for incidental or consequential damages in connection with the furnishing, performance, or use of this manual or the examples herein. The information in this documentation is subject to change without notice.