Overview

* indicates a new version of an existing rule.

DPI (Deep Packet Inspection) Rules:

Apache Kylin
1011623 - Apache Kylin Command Injection Vulnerability (CVE-2022-24697)


OpenSSL
1011597* - OpenSSL 'ossl_punycode_decode' Buffer Overflow Vulnerability (CVE-2022-3786) - Server


OpenSSL Client
1011596* - OpenSSL 'ossl_punycode_decode' Buffer Overflow Vulnerability (CVE-2022-3786) - Client


Web Application Common
1011619 - XStream Library Remote Command Execution Vulnerability (CVE-2021-39144)


Web Application PHP
1011613* - WordPress 'Absolutely Glamorous Custom Admin' Plugin Cross-Site Scripting Vulnerability (CVE-2021-36823)
1011611* - WordPress 'Display Users' Plugin SQL Injection Vulnerability (CVE-2021-24400)
1011604* - WordPress 'Elementor Website Builder' Plugin Cross-Site Scripting Vulnerability (CVE-2020-8426)
1011601* - WordPress 'GSEOR' Plugin SQL Injection Vulnerability (CVE-2021-24396)
1011617* - WordPress 'IgniteUp' Plugin Unauthenticated Arbitrary File Deletion Vulnerability (CVE-2019-17234)
1011599* - WordPress 'Nevma Adaptive Images' Plugin Directory Traversal Vulnerability (CVE-2019-14205)
1011615* - WordPress 'Page Contact' Plugin SQL Injection Vulnerability (CVE-2021-24403)
1011609* - WordPress 'Product Feed on WooCommerce' Plugin SQL Injection Vulnerability (CVE-2021-24511)
1011606* - WordPress 'Recipe Card Blocks' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24632)
1011621 - WordPress 'Snap Creek Duplicator' Plugin Directory Traversal Vulnerability (CVE-2020-11738)
1011618 - WordPress 'Support Board' Plugin SQL Injection Vulnerability (CVE-2021-24741)
1011612* - WordPress 'The Sorter' Plugin SQL Injection Vulnerability (CVE-2021-24399)
1011622 - WordPress 'WP Dialog' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24600)
1011610* - WordPress 'WP Domain Redirect' Plugin SQL Injection Vulnerability (CVE-2021-24401)
1011607* - WordPress 'WP iCommerce' Plugin SQL Injection Vulnerability (CVE-2021-24402)
1011620 - WordPress Directory Traversal Vulnerability (CVE-2019-8943)


Web Server HTTPS
1011571* - Centreon 'Poller Broker' SQL Injection Vulnerability (CVE-2022-42426)
1011567* - Centreon 'Poller Broker' SQL Injection Vulnerability (CVE-2022-42428)


Windows SMB Server
1011593* - Identified Executable File Upload On Network Share (ATT&CK T1570)


Zoho ManageEngine
1011626 - Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability (CVE-2022-40770)


Integrity Monitoring Rules:

1002778* - Microsoft Windows - System .dll or .exe files modified (ATT&CK T1036.003, T1222.001)


Log Inspection Rules:

1003447* - Web Server - Apache