Rule Update
DPIルール他更新情報:22-013(2022年3月15日)
2022年3月15日
概要
* は既存ルールの新バージョンを示します。
DPI(Deep Packet Inspection) ルール:
DNSクライアント
1010766* - Identified Non Existing DNS Resource Record (RR) Types In DNS Traffic
SSLクライアント アプリケーション
1001113* - SSL/TLS Client (ATT&CK T1573.002, T1071.001)
SolarWinds Network Performance Monitor
1011271 - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 1
1011272 - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 2
アプリケーションに関連する不審な活動(サーバ)
1003594* - Detected SSL/TLS Server Traffic (ATT&CK T1573.002, T1071.001)
Webアプリケーション PHP
1011319* - WordPress '404 to 301' Plugin Blind SQL Injection Vulnerability (CVE-2015-9323)
1011314* - WordPress 'Contact Form Check Tester' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24247)
1011305* - WordPress 'Domain Check' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24926)
1011337 - WordPress 'Download Monitor' Plugin Cross-Site Scripting Vulnerability (CVE-2021-23174)
1011335 - WordPress 'Mortgage-Calculators-Wp' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24904)
1011334 - WordPress 'Paid Memberships Pro' Plugin SQL Injection Vulnerability (CVE-2021-25114)
1011320 - WordPress 'Post Grid' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24488)
1011341 - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-0651)
1011324* - WordPress 'WP User Frontend' Plugin SQL Injection Vulnerability (CVE-2021-25076)
1011321 - WordPress 'WooCommerce Product Slider' Plugin Reflected Cross Site Vulnerability (CVE-2021-24300)
1011313* - WordPress 'secure-copy-content-protection' Plugin SQL Injection Vulnerability (CVE-2021-24931)
Webアプリケーション Ruby
1011332 - Grafana Authentication Bypass Vulnerability (CVE-2021-39226)
Webクライアント 共通
1011133* - Microsoft Visual Studio Remote Code Execution Vulnerability (CVE-2021-36952)
Webサーバ HTTPS
1011336 - Identified Zabbix Frontend SAML SSO Authentication Request
Webサーバ その他
1011297 - Jenkins 'Badger' Plugin Cross-Site Scripting Vulnerability (CVE-2022-23108)
Webサーバ Nagios
1011326* - Nagios XI AutoDiscovery Component Path Traversal Vulnerability (CVE-2021-37343)
Webサーバ SharePoint
1011318* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-42309)
Webmin
1011338 - Webmin Improper Access Control Vulnerability (CVE-2022-0824)
Zoho ManageEngine
1011327* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37926)
1011329 - Zoho ManageEngine OpManager SumPDU Multiple Java Deserialization Vulnerabilities (CVE-2020-28653 and CVE-2021-3287)
1011317* - Zoho ManageEngine ServiceDesk Plus Stored Cross-Site Scripting Vulnerability (CVE-2021-46065)
変更監視(Integrity Monitoring)ルール:
今回のセキュリティアップデートには、新規の変更監視ルールおよび更新は含まれておりません。
セキュリティログ監視(Log Inspection)ルール:
1002831* - Unix - Syslog
DPI(Deep Packet Inspection) ルール:
DNSクライアント
1010766* - Identified Non Existing DNS Resource Record (RR) Types In DNS Traffic
SSLクライアント アプリケーション
1001113* - SSL/TLS Client (ATT&CK T1573.002, T1071.001)
SolarWinds Network Performance Monitor
1011271 - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 1
1011272 - SolarWinds Orion Platform Multiple Privilege Escalation Vulnerabilities (CVE-2021-35234) - 2
アプリケーションに関連する不審な活動(サーバ)
1003594* - Detected SSL/TLS Server Traffic (ATT&CK T1573.002, T1071.001)
Webアプリケーション PHP
1011319* - WordPress '404 to 301' Plugin Blind SQL Injection Vulnerability (CVE-2015-9323)
1011314* - WordPress 'Contact Form Check Tester' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24247)
1011305* - WordPress 'Domain Check' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24926)
1011337 - WordPress 'Download Monitor' Plugin Cross-Site Scripting Vulnerability (CVE-2021-23174)
1011335 - WordPress 'Mortgage-Calculators-Wp' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24904)
1011334 - WordPress 'Paid Memberships Pro' Plugin SQL Injection Vulnerability (CVE-2021-25114)
1011320 - WordPress 'Post Grid' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24488)
1011341 - WordPress 'WP Statistics' Plugin Blind SQL Injection Vulnerability (CVE-2022-0651)
1011324* - WordPress 'WP User Frontend' Plugin SQL Injection Vulnerability (CVE-2021-25076)
1011321 - WordPress 'WooCommerce Product Slider' Plugin Reflected Cross Site Vulnerability (CVE-2021-24300)
1011313* - WordPress 'secure-copy-content-protection' Plugin SQL Injection Vulnerability (CVE-2021-24931)
Webアプリケーション Ruby
1011332 - Grafana Authentication Bypass Vulnerability (CVE-2021-39226)
Webクライアント 共通
1011133* - Microsoft Visual Studio Remote Code Execution Vulnerability (CVE-2021-36952)
Webサーバ HTTPS
1011336 - Identified Zabbix Frontend SAML SSO Authentication Request
Webサーバ その他
1011297 - Jenkins 'Badger' Plugin Cross-Site Scripting Vulnerability (CVE-2022-23108)
Webサーバ Nagios
1011326* - Nagios XI AutoDiscovery Component Path Traversal Vulnerability (CVE-2021-37343)
Webサーバ SharePoint
1011318* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-42309)
Webmin
1011338 - Webmin Improper Access Control Vulnerability (CVE-2022-0824)
Zoho ManageEngine
1011327* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37926)
1011329 - Zoho ManageEngine OpManager SumPDU Multiple Java Deserialization Vulnerabilities (CVE-2020-28653 and CVE-2021-3287)
1011317* - Zoho ManageEngine ServiceDesk Plus Stored Cross-Site Scripting Vulnerability (CVE-2021-46065)
変更監視(Integrity Monitoring)ルール:
今回のセキュリティアップデートには、新規の変更監視ルールおよび更新は含まれておりません。
セキュリティログ監視(Log Inspection)ルール:
1002831* - Unix - Syslog