Application Vulnerability Check
The application vulnerability check automatically detects common application risk points on the servers you have deployed and provides repair suggestions for the identified issues.
Detection Principle
The detection mechanism works by deploying the installed client Agent on the machine system to check the application’s version and specific parameters. Using the loaded configuration rule files, security risk detection is performed locally. Different detection items use different rules to check for risk characteristics. When a risk rule is triggered, a risk point is highlighted and repair suggestions are provided.
Detection Cycle
- The plugin will immediately scan and detect each time it starts or restarts, with the default scanning occurring every 12 hours.
- After clearing risks, the system will rescan the same risk within 12 hours. If the risk is fixed, the alert will be automatically deleted.
Detection Items
| Category | Detection Item | Description | Corresponding Version |
|---|---|---|---|
| Application | Apache HTTPD Multi-Suffix Parsing Vulnerability | Checks configuration settings to avoid enabling risky default options | V3.0 |
| Application | Apache Log4J2 RCE Vulnerability (CVE-2021-44228) | Please upgrade the running Apache Log4J version promptly | V3.0 |
| Application | Apache ActiveMQ Remote Code Execution Vulnerability | Please upgrade the deployed Apache ActiveMQ version promptly | V3.0 |
| Web Application | Web-CMS Vulnerability | Latest vulnerability alerts and related patches | V3.0 |
| Application | OpenSSH Remote Code Execution Vulnerability | Please upgrade the deployed OpenSSH version promptly | V3.0 |
| Application | MySQL2 Remote Code Execution Vulnerability | Please upgrade the deployed MySQL2 version promptly | V3.0 |
| Application | Apache Kafka Improper Access Control Vulnerability | Please upgrade the deployed Kafka version promptly | V3.0 |
| Application | liblzma/xz Tool Library Malicious Backdoor Vulnerability | Please upgrade the deployed xz version promptly | V3.0 |
| Application | runc Container Escape Vulnerability | Please upgrade the deployed Docker version promptly | V3.0 |
| Application | OpenSSH ProxyCommand Command Injection Vulnerability | Please upgrade the deployed OpenSSH version promptly | V3.0 |
| Application | Fortinet FortiOS SSL-VPN Remote Code Execution Vulnerability | Please upgrade the deployed Fortinet FortiOS SSL-VPN version promptly | V3.0 |
| Application | Fanwei E-Office Arbitrary Code Execution Vulnerability | Please upgrade the deployed Fanwei E-Office version promptly | V3.0 |
| Application | Jenkins Remoting Arbitrary File Read Vulnerability | Please upgrade the deployed Jenkins version promptly | V3.0 |