Rule Update
DPIルール他更新情報:22-012(2022年3月8日)
概要
* は既存ルールの新バージョンを示します。
DPI(Deep Packet Inspection) ルール:
H2 Database
1011316* - H2 Database Remote Code Execution Vulnerability (CVE-2022-23221)
Webアプリケーション PHP
1011319 - WordPress '404 to 301' Plugin Blind SQL Injection Vulnerability (CVE-2015-9323)
1011302 - WordPress 'Contact Form 7' plugin Unauthenticated Stored Cross-Site Scripting Vulnerability (CVE-2021-25080)
1011314 - WordPress 'Contact Form Check Tester' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24247)
1011305 - WordPress 'Domain Check' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24926)
1011325 - WordPress 'Perfect Survey' Plugin SQL Injection Vulnerability (CVE-2021-24762)
1011324 - WordPress 'WP User Frontend' Plugin SQL Injection Vulnerability (CVE-2021-25076)
1011313 - WordPress 'secure-copy-content-protection' Plugin SQL Injection Vulnerability (CVE-2021-24931)
1011298* - WordPress Core Post Slug Stored Cross-Site Scripting Vulnerability (CVE-2022-21662)
Webクライアント 共通
1010182* - Google Chrome Type Confusion Vulnerability (CVE-2020-6418)
Webクライアント Internet Explorer/Edge
1011323 - Microsoft Internet Explorer Security Feature Bypass Vulnerability (CVE-2022-24502)
Webサーバ 共通
1010099* - Elastic Kibana Timelion Prototype Pollution Vulnerability (CVE-2019-7609)
Webサーバ HTTPS
1011328 - Microsoft Defender for IOT Privilege Escalation Vulnerability (CVE-2022-23266)
Webサーバ その他
1011304* - Atlassian Jira Reflected Cross-Site Scripting Vulnerability (CVE-2021-43942)
1011301* - Jenkins 'Matrix Project' Plugin Cross-Site Scripting Vulnerability (CVE-2022-20615)
Webサーバ Nagios
1011326 - Nagios XI AutoDiscovery Component Path Traversal Vulnerability (CVE-2021-37343)
Webサーバ SharePoint
1011318 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-42309)
1011310* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2022-22005)
Zoho ManageEngine
1011327 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37926)
1011267* - Zoho ManageEngine Network Configuration Manager Command Injection Vulnerability (CVE-2021-43319)
1011254* - Zoho ManageEngine Network Configuration Manager SQL Injection Vulnerability (CVE-2021-41081)
1011317 - Zoho ManageEngine ServiceDesk Plus Stored Cross-Site Scripting Vulnerability (CVE-2021-46065)
変更監視(Integrity Monitoring)ルール:
今回のセキュリティアップデートには、新規の変更監視ルールおよび更新は含まれておりません。
セキュリティログ監視(Log Inspection)ルール:
1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)
DPI(Deep Packet Inspection) ルール:
H2 Database
1011316* - H2 Database Remote Code Execution Vulnerability (CVE-2022-23221)
Webアプリケーション PHP
1011319 - WordPress '404 to 301' Plugin Blind SQL Injection Vulnerability (CVE-2015-9323)
1011302 - WordPress 'Contact Form 7' plugin Unauthenticated Stored Cross-Site Scripting Vulnerability (CVE-2021-25080)
1011314 - WordPress 'Contact Form Check Tester' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24247)
1011305 - WordPress 'Domain Check' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24926)
1011325 - WordPress 'Perfect Survey' Plugin SQL Injection Vulnerability (CVE-2021-24762)
1011324 - WordPress 'WP User Frontend' Plugin SQL Injection Vulnerability (CVE-2021-25076)
1011313 - WordPress 'secure-copy-content-protection' Plugin SQL Injection Vulnerability (CVE-2021-24931)
1011298* - WordPress Core Post Slug Stored Cross-Site Scripting Vulnerability (CVE-2022-21662)
Webクライアント 共通
1010182* - Google Chrome Type Confusion Vulnerability (CVE-2020-6418)
Webクライアント Internet Explorer/Edge
1011323 - Microsoft Internet Explorer Security Feature Bypass Vulnerability (CVE-2022-24502)
Webサーバ 共通
1010099* - Elastic Kibana Timelion Prototype Pollution Vulnerability (CVE-2019-7609)
Webサーバ HTTPS
1011328 - Microsoft Defender for IOT Privilege Escalation Vulnerability (CVE-2022-23266)
Webサーバ その他
1011304* - Atlassian Jira Reflected Cross-Site Scripting Vulnerability (CVE-2021-43942)
1011301* - Jenkins 'Matrix Project' Plugin Cross-Site Scripting Vulnerability (CVE-2022-20615)
Webサーバ Nagios
1011326 - Nagios XI AutoDiscovery Component Path Traversal Vulnerability (CVE-2021-37343)
Webサーバ SharePoint
1011318 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-42309)
1011310* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2022-22005)
Zoho ManageEngine
1011327 - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37926)
1011267* - Zoho ManageEngine Network Configuration Manager Command Injection Vulnerability (CVE-2021-43319)
1011254* - Zoho ManageEngine Network Configuration Manager SQL Injection Vulnerability (CVE-2021-41081)
1011317 - Zoho ManageEngine ServiceDesk Plus Stored Cross-Site Scripting Vulnerability (CVE-2021-46065)
変更監視(Integrity Monitoring)ルール:
今回のセキュリティアップデートには、新規の変更監視ルールおよび更新は含まれておりません。
セキュリティログ監視(Log Inspection)ルール:
1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)