概要

* は既存ルールの新バージョンを示します。

DPI(Deep Packet Inspection) ルール:

Elasticsearch
1009209 - ElasticSearch Dynamic Script Arbitrary Java Code Execution Vulnerability (CVE-2014-3120)


HP Intelligent Management Center (IMC)
1008983 - HPE Intelligent Management Center 'saveSelectedDevices' Expression Language Injection Vulnerability (CVE-2017-12491)


TFTPサーバ
1009365 - Microsoft Windows Deployment Services TFTP Server Remote Code Execution Vulnerability (CVE-2018-8476)


Webアプリケーション 共通
1005934* - Identified Suspicious Command Injection Attack


Webクライアント Internet Explorer/Edge
1009244* - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-8355)


Webクライアント Mozilla Firefox
1009396 - Mozilla Firefox Multiple Security Vulnerabilities


Webサーバ Adobe ColdFusion
1009387 - Adobe ColdFusion Remote File Upload Vulnerability (CVE-2018-15961)


変更監視(Integrity Monitoring)ルール:

1008271* - Application - Docker
1003131* - Virtualization Software - VMware Server


セキュリティログ監視(Log Inspection)ルール:

1003802* - Directory Server - Microsoft Windows Active Directory