Hi,
we are currently running 77.30 and are going to upgrade to 80.x.
Anyway we started using IPS now with the 77.30 and I'm wondering about the meaning of the CVE numbers in the IPS signatures.
As an example I have the "Linux System Files Information Disclosure" going with CVE-2018-3948. The CVE number is about TP-Link devices.
So we don't run TP-Link devices and I first thought I could deactivate this protection. But then I checked the logged events and saw common directory traversal attacks. I checked if there are other "Linux System Files Information Disclosure" protections but cannot find any.
Is this signature just for TP-Link devices because of the CVE or is the CVE just an example for this attack pattern?
Thank you for your help.