Skip to Content

Application Vulnerability Check

The application vulnerability check automatically detects common application risk points on the servers you have deployed and provides repair suggestions for the identified issues.

Detection Principle

The detection mechanism works by deploying the installed client Agent on the machine system to check the application’s version and specific parameters. Using the loaded configuration rule files, security risk detection is performed locally. Different detection items use different rules to check for risk characteristics. When a risk rule is triggered, a risk point is highlighted and repair suggestions are provided.

Detection Cycle

  • The plugin will immediately scan and detect each time it starts or restarts, with the default scanning occurring every 12 hours.
  • After clearing risks, the system will rescan the same risk within 12 hours. If the risk is fixed, the alert will be automatically deleted.

Detection Items

CategoryDetection ItemDescriptionCorresponding Version
ApplicationApache HTTPD Multi-Suffix Parsing VulnerabilityChecks configuration settings to avoid enabling risky default optionsV3.0
ApplicationApache Log4J2 RCE Vulnerability (CVE-2021-44228)Please upgrade the running Apache Log4J version promptlyV3.0
ApplicationApache ActiveMQ Remote Code Execution VulnerabilityPlease upgrade the deployed Apache ActiveMQ version promptlyV3.0
Web ApplicationWeb-CMS VulnerabilityLatest vulnerability alerts and related patchesV3.0
ApplicationOpenSSH Remote Code Execution VulnerabilityPlease upgrade the deployed OpenSSH version promptlyV3.0
ApplicationMySQL2 Remote Code Execution VulnerabilityPlease upgrade the deployed MySQL2 version promptlyV3.0
ApplicationApache Kafka Improper Access Control VulnerabilityPlease upgrade the deployed Kafka version promptlyV3.0
Applicationliblzma/xz Tool Library Malicious Backdoor VulnerabilityPlease upgrade the deployed xz version promptlyV3.0
Applicationrunc Container Escape VulnerabilityPlease upgrade the deployed Docker version promptlyV3.0
ApplicationOpenSSH ProxyCommand Command Injection VulnerabilityPlease upgrade the deployed OpenSSH version promptlyV3.0
ApplicationFortinet FortiOS SSL-VPN Remote Code Execution VulnerabilityPlease upgrade the deployed Fortinet FortiOS SSL-VPN version promptlyV3.0
ApplicationFanwei E-Office Arbitrary Code Execution VulnerabilityPlease upgrade the deployed Fanwei E-Office version promptlyV3.0
ApplicationJenkins Remoting Arbitrary File Read VulnerabilityPlease upgrade the deployed Jenkins version promptlyV3.0

The corresponding version refers to the product version number. Please refer to the upgrade records for the version number and corresponding upgrade content.