Rule Update
25-053 (2025年12月16日)
2025年12月16日
概要
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
React Server
1012499 - Identified Suspicious React Gadgets
SAP NetWeaver Java Application Server
1012455* - SAP NetWeaver AS JAVA Directory Traversal Vulnerability (CVE-2017-12637)
Unix Samba
1012454* - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2025-22037)
Web Server HTTPS
1012489 - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2025-62411)
1012453* - Sitecore Experience Manager and Platform Cache Poisoning Vulnerability (CVE-2025-53693)
Web Server IIS
1012484 - Microsoft Windows ASP.NET HTTP Request Smuggling Vulnerability (CVE-2025-55315)
Web Server Miscellaneous
1012030* - XWiki Code Injection Vulnerability (CVE-2024-31982)
Web Server SharePoint
1012442* - Microsoft SharePoint Server-Side Request Forgery Vulnerability (CVE-2025-53760)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
React Server
1012499 - Identified Suspicious React Gadgets
SAP NetWeaver Java Application Server
1012455* - SAP NetWeaver AS JAVA Directory Traversal Vulnerability (CVE-2017-12637)
Unix Samba
1012454* - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2025-22037)
Web Server HTTPS
1012489 - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2025-62411)
1012453* - Sitecore Experience Manager and Platform Cache Poisoning Vulnerability (CVE-2025-53693)
Web Server IIS
1012484 - Microsoft Windows ASP.NET HTTP Request Smuggling Vulnerability (CVE-2025-55315)
Web Server Miscellaneous
1012030* - XWiki Code Injection Vulnerability (CVE-2024-31982)
Web Server SharePoint
1012442* - Microsoft SharePoint Server-Side Request Forgery Vulnerability (CVE-2025-53760)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.