v4.11.1

New Analytic Story

• Juniper JunOS Remote Code Execution
• Flax Typhoon
• Windows Error Reporting Service Elevation of Privilege Vulnerability
• Ivanti Sentry Authentication Bypass CVE-2023-38035
• Adobe ColdFusion Arbitrary Code Execution CVE-2023-29298 CVE-2023-26360

New Analytics

• Juniper Networks Remote Code Execution Exploit Detection
• Windows SQL Spawning CertUtil
• Ivanti Sentry Authentication Bypass
• Adobe ColdFusion Access Control Bypass
• Adobe ColdFusion Unauthenticated Arbitrary File Read
• Splunk DOS via printf search function

Updated Analytics

• Splunk risky Command Abuse disclosed february 2023

Other Updates

• Added status field to BA package
• Updated splunk_risky_command.csv to splunk_risky_command_20230830.csv lookup file and updated the contents in the file