概要

* は既存ルールの新バージョンを示します。

DPI(Deep Packet Inspection) ルール:

CentOS Web Panel
1011441 - CentOS Web Panel 'ajax_dashboard' SQL Injection Vulnerability (CVE-2020-15626)
1011437 - CentOS Web Panel Multiple SQL Injection Vulnerabilities


DCERPCサービス - クライアント
1011436 - Microsoft Windows RPC Remote Code Execution Vulnerability (CVE-2022-26809)


Webアプリケーション 共通
1010199* - Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability (CVE-2020-0618)


Webアプリケーション PHP
1011435 - ThinkCMF Remote Code Execution Vulnerability
1011439 - WordPress 'Advanced Uploader' Plugin Arbitrary File Upload Vulnerability (CVE-2022-1103)


Webサービスその他
1011440 - Atlassian Jira Authentication Bypass Vulnerability (CVE-2022-0540)


Zoho ManageEngine Applications Manager
1010698* - Zoho ManageEngine Applications Manager 'showMonitorGroupView' SQL Injection Vulnerability
1010563* - Zoho ManageEngine Applications Manager Arbitrary File Upload Vulnerability (CVE-2020-14008)
1011062* - Zoho ManageEngine Applications Manager Cross Site Scripting Vulnerability (CVE-2021-31813)
1010903* - Zoho ManageEngine Applications Manager Custom Monitor Type SQL Injection Vulnerability
1010109* - Zoho ManageEngine Applications Manager MASRequestProcessor 'serverID' SQL Injection Vulnerability
1010448* - Zoho ManageEngine Applications Manager SQL Injection Vulnerability (CVE-2020-15533)
1010612* - Zoho ManageEngine Applications Manager SQL Injection Vulnerability (CVE-2020-15927)
1010811* - Zoho ManageEngine Applications Manager SQL Injection Vulnerability (CVE-2020-35765)
1011020* - Zoho ManageEngine Applications Manager Stored Cross-Site Scripting Vulnerability
1011012* - Zoho ManageEngine Applications Manager URL Monitor SQL Injection Vulnerability


変更監視(Integrity Monitoring)ルール:

今回のセキュリティアップデートには、新規の変更監視ルールおよび更新は含まれておりません。


セキュリティログ監視(Log Inspection)ルール:

1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)