Rule Update
DPIルール他更新情報:20-038(2020年8月4日)
2020年8月4日
概要
* は既存ルールの新バージョンを示します。
DPI(Deep Packet Inspection) ルール:
DNSクライアント
1010352* - Data Exfiltration Over DNS (Response) Protocol (T1048)
ディレクトリサーバ LDAP
1010350* - VMware vCenter Server Access Control Bypass Vulnerability (CVE-2020-3952)
HP Intelligent Management Center (IMC)
1010425 - Apache OFBiz Cross-Site Scripting Vulnerability (CVE-2020-1943)
1009947* - HPE Intelligent Management Center Various Expression Language Injection Vulnerabilities
SAP NetWeaver Java Application Server
1010417* - SAP NetWeaver AS JAVA Authentication Bypass Vulnerability (CVE-2020-6287)
1010413* - SAP NetWeaver AS JAVA Directory Traversal Vulnerability (CVE-2020-6286)
Webアプリケーション 共通
1010345* - Kentico CMS Staging SyncServer Unserialize Remote Command Execution Vulnerability (CVE-2019-10068)
1010332* - Netty HTTP Request Smuggling Vulnerability (CVE-2020-7238)
Webアプリケーション Ruby
1010411* - Ruby On Rails Remote Code Execution Vulnerability (CVE-2020-8163)
Webクライアント 共通
1010427 - Google Chrome ClipboardHost Use-After-Free Vulnerability (CVE-2020-6462)
1010429 - Google Chrome webkitSpeechRecognition Use-After-Free Vulnerability (CVE-2020-6457)
Webサーバ 共通
1010264* - dotCMS CMSFilter Improper Access Control RCE Vulnerability (CVE-2020-6754)
Webサーバ Oracle
1010415* - Oracle WebLogic Server T3 Protocol Insecure Deserialization Vulnerability (CVE-2020-14625)
変更監視(Integrity Monitoring)ルール:
1002999* - Database Server - Microsoft SQL Server
セキュリティログ監視(Log Inspection)ルール:
1008619* - Application - Docker
1010349 - Docker Daemon Remote API Calls
1010421 - Trend Micro Deep Security Agent Removal Attempt
DPI(Deep Packet Inspection) ルール:
DNSクライアント
1010352* - Data Exfiltration Over DNS (Response) Protocol (T1048)
ディレクトリサーバ LDAP
1010350* - VMware vCenter Server Access Control Bypass Vulnerability (CVE-2020-3952)
HP Intelligent Management Center (IMC)
1010425 - Apache OFBiz Cross-Site Scripting Vulnerability (CVE-2020-1943)
1009947* - HPE Intelligent Management Center Various Expression Language Injection Vulnerabilities
SAP NetWeaver Java Application Server
1010417* - SAP NetWeaver AS JAVA Authentication Bypass Vulnerability (CVE-2020-6287)
1010413* - SAP NetWeaver AS JAVA Directory Traversal Vulnerability (CVE-2020-6286)
Webアプリケーション 共通
1010345* - Kentico CMS Staging SyncServer Unserialize Remote Command Execution Vulnerability (CVE-2019-10068)
1010332* - Netty HTTP Request Smuggling Vulnerability (CVE-2020-7238)
Webアプリケーション Ruby
1010411* - Ruby On Rails Remote Code Execution Vulnerability (CVE-2020-8163)
Webクライアント 共通
1010427 - Google Chrome ClipboardHost Use-After-Free Vulnerability (CVE-2020-6462)
1010429 - Google Chrome webkitSpeechRecognition Use-After-Free Vulnerability (CVE-2020-6457)
Webサーバ 共通
1010264* - dotCMS CMSFilter Improper Access Control RCE Vulnerability (CVE-2020-6754)
Webサーバ Oracle
1010415* - Oracle WebLogic Server T3 Protocol Insecure Deserialization Vulnerability (CVE-2020-14625)
変更監視(Integrity Monitoring)ルール:
1002999* - Database Server - Microsoft SQL Server
セキュリティログ監視(Log Inspection)ルール:
1008619* - Application - Docker
1010349 - Docker Daemon Remote API Calls
1010421 - Trend Micro Deep Security Agent Removal Attempt