概要

* は既存ルールの新バージョンを示します。

DPI(Deep Packet Inspection) ルール:

Network Scanner
1008800* - Bypass Network Scanner Traffic


Nextgen Mirth Connect
1012008* - Nextgen Mirth Connect Insecure Deserialization Vulnerability (CVE-2023-43208)


Oracle VirtualBox
1012034* - Oracle VirtualBox Information Disclosure Vulnerability (CVE-2024-21109)


Progress Telerik Reporting
1012039 - Progress Telerik Reporting Insecure Deserialization Vulnerability (CVE-2024-1856 and CVE-2024-1801)


Webアプリケーション PHP
1011975* - WordPress 'Backup Migration' Plugin Command Injection Vulnerability (CVE-2023-7002)
1011828* - WordPress 'Beautiful Cookie Consent Banner' Plugin Cross-Site Scripting Vulnerability (CVE-2023-3388)
1011561* - WordPress 'Ketchup Restaurant Reservations' Plugin SQL Injection Vulnerability (CVE-2022-2754)
1011992* - WordPress 'Paid Memberships Pro' Plugin Arbitrary File Upload Vulnerability (CVE-2023-6187)
1012005* - WordPress 'Popup Builder' Plugin Cross-Site Scripting Vulnerability (CVE-2023-6000)
1012007* - WordPress 'Ultimate Member' Plugin SQL Injection Vulnerability (CVE-2024-1071)
1012045 - WordPress 'WPvivid Backup' Plugin Insecure Deserialization Vulnerability (CVE-2024-3054)


Webクライアント 共通
1004715* - HTTP Web Client Decoding
1011949* - Microsoft Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2024-21412)


Webサーバ HTTPS
1011979* - Centreon SQL Injection Vulnerability (CVE-2024-0637)
1011984* - Centreon SQL Injection Vulnerability (CVE-2024-23115)
1011983* - Centreon SQL Injection Vulnerability (CVE-2024-23116)


Webサーバ その他
1012043 - XWiki Code Injection Vulnerability (CVE-2024-31984)


変更監視(Integrity Monitoring)ルール:

1010793* - Linux/Unix - Shared object files modified
1011021* - Linux/Unix - bash root user configuration files modified (ATT&CK T1546.004)


セキュリティログ監視(Log Inspection)ルール:

今回のセキュリティアップデートには、新規のセキュリティログ監視ルールおよび更新は含まれておりません。