Sophos IPS and Application Signature update release notes

Version 18.22.57

Released on October 14, 2024

Introduction

The Release Note document for IPS and Application signature Database version 18.22.57 includes support for both, the new and the updated Signatures. The following sections describe the release in detail.

Release Information

Upgrade Applicable on: Version 18.22.56

Fixed issues, listed by ID, description, explanation and Workaround.

Appliance Model	Details of Changes			Module	More Details
All Deployments	13 Applications	66 Application Signatures	6 Application categories	Application Filter	Click Here for details of changes
XGS-87, XGS-87(w), XGS-107, XGS-107(w), XGS-116, XGS-116(w), XGS-126, XGS-126(w), XGS-136, XGS-136(w), XGS-2100, XGS-2300, XGS-3100, XGS-3300, XGS-4300, XGS-4500 XG-86, XG-86(w), XG-106, XG-106(w), XG-115, XG-115(w), XG-125, XG-125(w), XG-135, XG-135(w), XG-210, XG-230, XG-310, XG-330, XG-430, XG-450 SG-105, SG-105(w), SG-115, SG-115(w), SG-125, SG-125(w), SG-135, SG-135(w), SG-210, SG-230, SG-310, SG-330, SG-430, SG-450, SG-550, SG-650 Any virtual deployment with RAM < 24GB	5 Signatures	4 Vulnerabilities	3 IPS Categories	IPS Filter	Click Here for details of changes
XG-550, XG-650, XG-750 XGS-5500, XGS-6500 Any virtual deployment with RAM >24GB	4 Signatures	3 Vulnerabilities	2 IPS Categories	IPS Filter	Click Here for details of changes

Application Name	Risk	Category
Twitter Message	2	Social Networking
KakaoTalk	2	Mobile Applications
Time Website	2	General Internet
51.COM	2	Social Networking
51.COM Games	2	Gaming
Whisper	1	Mobile Applications
ZEE5	1	Streaming Media
ZeeTV App	1	Streaming Media
Hoxx Vpn	5	Proxy and Tunnel
Vimeo Streaming	3	Streaming Media
SKY News	1	Streaming Media
Kakao	1	General Internet
TOR Proxy	5	Proxy and Tunnel

Application Name

Risk

Risk Level	Risk Criteria
1	Very Low
2	Low
3	Medium
4	High
5	Very High

Name	CVE-ID	Category	Severity
BROWSER-CHROME Google Chrome CVE-2024-5830 Type Confusion Vulnerability	CVE-2024-5830	browser-chrome	1
FILE-IDENTIFY Java .class file download request		file-identify	4
SERVER-WEBAPP GitLab Community and Enterprise Edition CVE-2024-45409 SAML Authentication Bypass Vulnerability	CVE-2024-45409	server-webapp	1
SERVER-WEBAPP WordPress Backuply Plugin options CVE-2024-8669 SQL Injection	CVE-2024-8669	server-webapp	3

Name	CVE-ID	Category	Severity
BROWSER-CHROME Google Chrome CVE-2024-5830 Type Confusion Vulnerability	CVE-2024-5830	browser-chrome	1
SERVER-WEBAPP GitLab Community and Enterprise Edition CVE-2024-45409 SAML Authentication Bypass Vulnerability	CVE-2024-45409	server-webapp	1
SERVER-WEBAPP WordPress Backuply Plugin options CVE-2024-8669 SQL Injection	CVE-2024-8669	server-webapp	3

Severity Level	Severity Criteria
1	Critical
2	Major
3	Moderate
4	Minor
5	Warning

Sophos IPS and Application Signature Update

These release notes are for Sophos IPS and Application signature updates.

Version 18.22.57
Released on October 14, 2024

Introduction

Release Information

Upgrade Information

Application Signatures

Terms Explained

IPS Signatures

IPS Signatures

Terms Explained

Important Notice

RESTRICTED RIGHTS

Corporate Headquarters