Rule Update
22-049 (2022年10月4日)
2022年10月4日
概要
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Atlassian Bitbucket
1011540* - Atlassian Bitbucket Server and Data Center Remote Command Execution Vulnerability (CVE-2022-36804)
IPSec-IKE
1011536* - Microsoft Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability (CVE-2022-34721)
Trend Micro OfficeScan
1011539* - Trend Micro Apex One And OfficeScan Authentication Bypass Vulnerability (CVE-2022-40144)
Web Application PHP Based
1011537* - WordPress 'BackupBuddy' Plugin Directory Traversal Vulnerability (CVE-2022-31474)
Web Client Common
1011545 - Microsoft Visual Studio Remote Code Execution Vulnerability (CVE-2022-30129)
1011547 - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2022-34728)
Web Server Common
1010175* - Cross-Site Scripting (XSS) Decoder
Web Server HTTPS
1011550 - Centreon 'Poller Resource' SQL Injection Vulnerability (CVE-2022-41142)
1011041* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-34473 and CVE-2022-41040)
1011548* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2022-41082)
1011519* - Node.js HTTP Request Smuggling Attack (CVE-2022-32214)
Web Server Miscellaneous
1011546 - Apache JSPWiki 'AJAXPreview.jsp' Reflected Cross-Site Scripting (CVE-2022-28730)
1011551 - Apache JSPWiki 'WeblogPlugin' Stored Cross-Site Scripting Vulnerability (CVE-2022-28732)
1011538* - Apache JSPWiki 'XHRHtml2Markup.jsp' Reflected Cross-Site Scripting Vulnerability (CVE-2022-27166)
Web Server SharePoint
1011541* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2022-35823)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011542 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) - 1
1003447* - Web Server - Apache
1011250* - Web Server - Apache - 2
Deep Packet Inspection Rules:
Atlassian Bitbucket
1011540* - Atlassian Bitbucket Server and Data Center Remote Command Execution Vulnerability (CVE-2022-36804)
IPSec-IKE
1011536* - Microsoft Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability (CVE-2022-34721)
Trend Micro OfficeScan
1011539* - Trend Micro Apex One And OfficeScan Authentication Bypass Vulnerability (CVE-2022-40144)
Web Application PHP Based
1011537* - WordPress 'BackupBuddy' Plugin Directory Traversal Vulnerability (CVE-2022-31474)
Web Client Common
1011545 - Microsoft Visual Studio Remote Code Execution Vulnerability (CVE-2022-30129)
1011547 - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2022-34728)
Web Server Common
1010175* - Cross-Site Scripting (XSS) Decoder
Web Server HTTPS
1011550 - Centreon 'Poller Resource' SQL Injection Vulnerability (CVE-2022-41142)
1011041* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-34473 and CVE-2022-41040)
1011548* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2022-41082)
1011519* - Node.js HTTP Request Smuggling Attack (CVE-2022-32214)
Web Server Miscellaneous
1011546 - Apache JSPWiki 'AJAXPreview.jsp' Reflected Cross-Site Scripting (CVE-2022-28730)
1011551 - Apache JSPWiki 'WeblogPlugin' Stored Cross-Site Scripting Vulnerability (CVE-2022-28732)
1011538* - Apache JSPWiki 'XHRHtml2Markup.jsp' Reflected Cross-Site Scripting Vulnerability (CVE-2022-27166)
Web Server SharePoint
1011541* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2022-35823)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011542 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) - 1
1003447* - Web Server - Apache
1011250* - Web Server - Apache - 2