概要

* は既存ルールの新バージョンを示します。

DPI(Deep Packet Inspection) ルール:

Atlassian Bitbucket
1011540* - Atlassian Bitbucket Server and Data Center Remote Command Execution Vulnerability (CVE-2022-36804)


IPSec-IKE
1011536* - Microsoft Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability (CVE-2022-34721)


Trend Micro OfficeScan
1011539* - Trend Micro Apex One And OfficeScan Authentication Bypass Vulnerability (CVE-2022-40144)


Webアプリケーション PHP
1011537* - WordPress 'BackupBuddy' Plugin Directory Traversal Vulnerability (CVE-2022-31474)


Webクライアント 共通
1011545 - Microsoft Visual Studio Remote Code Execution Vulnerability (CVE-2022-30129)
1011547 - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2022-34728)


Webサーバ 共通
1010175* - Cross-Site Scripting (XSS) Decoder


Webサーバ HTTPS
1011550 - Centreon 'Poller Resource' SQL Injection Vulnerability (CVE-2022-41142)
1011041* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-34473 and CVE-2022-41040)
1011548* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2022-41082)
1011519* - Node.js HTTP Request Smuggling Attack (CVE-2022-32214)


Webサーバ その他
1011546 - Apache JSPWiki 'AJAXPreview.jsp' Reflected Cross-Site Scripting (CVE-2022-28730)
1011551 - Apache JSPWiki 'WeblogPlugin' Stored Cross-Site Scripting Vulnerability (CVE-2022-28732)
1011538* - Apache JSPWiki 'XHRHtml2Markup.jsp' Reflected Cross-Site Scripting Vulnerability (CVE-2022-27166)


Webサーバ SharePoint
1011541* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2022-35823)


変更監視(Integrity Monitoring)ルール:

今回のセキュリティアップデートには、新規の変更監視ルールおよび更新は含まれておりません。


セキュリティログ監視(Log Inspection)ルール:

1011542 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) - 1
1003447* - Web Server - Apache
1011250* - Web Server - Apache - 2