Rule Update
22-025 (2022年5月31日)
2022年5月31日
概要
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
CentOS Web Panel
1011441 - CentOS Web Panel 'ajax_dashboard' SQL Injection Vulnerability (CVE-2020-15626)
1011437 - CentOS Web Panel Multiple SQL Injection Vulnerabilities
DCERPC Services - Client
1011436 - Microsoft Windows RPC Remote Code Execution Vulnerability (CVE-2022-26809)
Web Application Common
1010199* - Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability (CVE-2020-0618)
Web Application PHP Based
1011435 - ThinkCMF Remote Code Execution Vulnerability
1011439 - WordPress 'Advanced Uploader' Plugin Arbitrary File Upload Vulnerability (CVE-2022-1103)
Web Server Miscellaneous
1011440 - Atlassian Jira Authentication Bypass Vulnerability (CVE-2022-0540)
Zoho ManageEngine Applications Manager
1010698* - Zoho ManageEngine Applications Manager 'showMonitorGroupView' SQL Injection Vulnerability
1010563* - Zoho ManageEngine Applications Manager Arbitrary File Upload Vulnerability (CVE-2020-14008)
1011062* - Zoho ManageEngine Applications Manager Cross Site Scripting Vulnerability (CVE-2021-31813)
1010903* - Zoho ManageEngine Applications Manager Custom Monitor Type SQL Injection Vulnerability
1010109* - Zoho ManageEngine Applications Manager MASRequestProcessor 'serverID' SQL Injection Vulnerability
1010448* - Zoho ManageEngine Applications Manager SQL Injection Vulnerability (CVE-2020-15533)
1010612* - Zoho ManageEngine Applications Manager SQL Injection Vulnerability (CVE-2020-15927)
1010811* - Zoho ManageEngine Applications Manager SQL Injection Vulnerability (CVE-2020-35765)
1011020* - Zoho ManageEngine Applications Manager Stored Cross-Site Scripting Vulnerability
1011012* - Zoho ManageEngine Applications Manager URL Monitor SQL Injection Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)
Deep Packet Inspection Rules:
CentOS Web Panel
1011441 - CentOS Web Panel 'ajax_dashboard' SQL Injection Vulnerability (CVE-2020-15626)
1011437 - CentOS Web Panel Multiple SQL Injection Vulnerabilities
DCERPC Services - Client
1011436 - Microsoft Windows RPC Remote Code Execution Vulnerability (CVE-2022-26809)
Web Application Common
1010199* - Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability (CVE-2020-0618)
Web Application PHP Based
1011435 - ThinkCMF Remote Code Execution Vulnerability
1011439 - WordPress 'Advanced Uploader' Plugin Arbitrary File Upload Vulnerability (CVE-2022-1103)
Web Server Miscellaneous
1011440 - Atlassian Jira Authentication Bypass Vulnerability (CVE-2022-0540)
Zoho ManageEngine Applications Manager
1010698* - Zoho ManageEngine Applications Manager 'showMonitorGroupView' SQL Injection Vulnerability
1010563* - Zoho ManageEngine Applications Manager Arbitrary File Upload Vulnerability (CVE-2020-14008)
1011062* - Zoho ManageEngine Applications Manager Cross Site Scripting Vulnerability (CVE-2021-31813)
1010903* - Zoho ManageEngine Applications Manager Custom Monitor Type SQL Injection Vulnerability
1010109* - Zoho ManageEngine Applications Manager MASRequestProcessor 'serverID' SQL Injection Vulnerability
1010448* - Zoho ManageEngine Applications Manager SQL Injection Vulnerability (CVE-2020-15533)
1010612* - Zoho ManageEngine Applications Manager SQL Injection Vulnerability (CVE-2020-15927)
1010811* - Zoho ManageEngine Applications Manager SQL Injection Vulnerability (CVE-2020-35765)
1011020* - Zoho ManageEngine Applications Manager Stored Cross-Site Scripting Vulnerability
1011012* - Zoho ManageEngine Applications Manager URL Monitor SQL Injection Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)