fortiguard.fortinet.com
149.5.234.134
Public Scan
Submitted URL: http://www.fortinet.com/ids/VID51006
Effective URL: https://fortiguard.fortinet.com/encyclopedia/ips/51006
Submission: On May 22 via api from SE — Scanned from SE
Form analysis
2 forms found in the DOM
GET /search
<form action="/search" method="get" class="form-check d-none ng-pristine ng-valid">
<span class="search_flat">
<label for="search_field_header" class="visually-hidden" id="label-search_field-header">Search</label>
<input id="search_field_header" type="text" class="search_field" placeholder="Search FortiGuard" name="q" required="required" autocomplete="off" aria-labelledby="label-search_field-header" value="">
<button type="submit" value=" " class="btn btn-sm" aria-label="Submit your search">
<img src="https://filestore.fortinet.com/fortiguard/static/images/icons_white/search.svg?v=26886" alt="search">
</button>
<div class="global_search-popup">
<fieldset>
<legend class="visually-hidden">Please select any available option</legend>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="all_home" class="form-check-input search-input-option" value="1" checked="checked" aria-checked="true">
<label class="form-check-label search-input-label" for="all_home"> Normal </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="exact_home" class="form-check-input search-input-option" value="2">
<label class="form-check-label search-input-label" for="exact_home"> Exact Match </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="cve_home" class="form-check-input search-input-option" value="3">
<label class="form-check-label search-input-label" for="cve_home"> CVE Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="threat_home" class="form-check-input search-input-option" value="4">
<label class="form-check-label search-input-label" for="threat_home"> ID Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="psirt_home" class="form-check-input search-input-option" value="6">
<label class="form-check-label search-input-label" for="psirt_home"> PSIRT Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="repms_home" class="form-check-input search-input-option" value="8">
<label class="form-check-label search-input-label" for="repms_home"> Antispam Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="outbreak-alert_home" class="form-check-input search-input-option" value="9">
<label class="form-check-label search-input-label" for="outbreak-alert_home"> Outbreak Alert Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="url_home" class="form-check-input search-input-option" value="7">
<label class="form-check-label search-input-label" for="url_home"> IP/Domain/URL Lookup </label>
</div>
</fieldset>
</div>
</span>
</form>
GET /search
<form action="/search" method="get" class="mobile-search-form col-12 ng-pristine ng-valid">
<div class="input-group">
<select class="form-select" name="engine">
<option value="1"> Normal </option>
<option value="2"> Exact Match </option>
<option value="3"> CVE Lookup </option>
<option value="4"> ID Lookup </option>
<option value="6"> PSIRT Lookup </option>
<option value="8"> Antispam Lookup </option>
<option value="9"> Outbreak Alert Lookup </option>
<option value="7"> IP/Domain/URL Lookup </option>
</select>
<input id="search_field_header" type="text" class="form-control" placeholder="Search FortiGuard" name="q" required="required" autocomplete="off" aria-labelledby="label-search_field-header" value="">
<button class="btn btn-sm btn-outline-secondary" type="submit">
<img src="https://filestore.fortinet.com/fortiguard/static/images/icons_white/search.svg?v=26886" alt="search">
</button>
</div>
</form>
Text Content
INTRUSION PREVENTION

APACHE.LOG4J.ERROR.LOG.REMOTE.CODE.EXECUTION

DESCRIPTION

This indicates an attack attempt to exploit a Remote Code Execution Vulnerability in Apache Log4j. The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application.

OUTBREAK ALERT

A 0-day exploit was discovered in the popular Java library Log4j2 that can result in Remote Code Execution (RCE). This is a widely deployed library, and while systems protected by Fortinet Security Fabric are secured by the protections below, all systems need to upgrade ASAP as this is 10.0 severity. Due to the high visibility and attention, subsequent vulnerabilities have since emerged.

A Joint Cybersecurity Advisory (CSA) has released the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People's Republic of China (PRC) state-sponsored cyber actors as assessed by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI). Previously, FortiGuard Labs has already published various Outbreak Alerts included in the released CISA advisory, such as: Apache Log4j, Hikvision Webserver Vulnerability, Atlassian Confluence OGNL RCE Vulnerability, Microsoft Exchange Server RCE Vulnerabilities etc. See the full list at: https://www.fortiguard.com/outbreak-alert Links to dedicated reports on each published outbreak by FortiGuard Labs are added to the Additional Resources section below.

In the year 2022, FortiGuard IPS and FortiGuard AV/Sandbox blocked three trillion and six trillion hits respectively from vulnerabilities, malware and 0-day attacks. Those encompassed several thousand varieties of Remote Code Execution, Cross-Site Scripting, Elevation of Privilege, Denial of Service, Trojans, Exploits. FortiGuard Labs alerted customers with numerous critical threats throughout the year based on factors such as proof-of-concept, attack vectors, impact, ease of attack, dependencies, and more. This annual report covers:

A new campaign conducted by the Lazarus Group is seen employing new DLang-based Remote Access Trojans (RATs) malware in the wild. The APT group has been seen to target manufacturing, agricultural and physical security companies by exploiting the Log4j vulnerability and using it for initial access leading to a C2 (command and control) channel with the attacker.

AFFECTED PRODUCTS

* Apache Log4j before version 2.16
* Apache Log4j version 1.2

IMPACT

System Compromise: Remote attacker can gain control of vulnerable systems.

RECOMMENDED ACTIONS

Apply the most recent upgrade or patch from the vendor:
https://logging.apache.org/log4j/2.x/security.html

TELEMETRY COVERAGE

* IPS (Regular DB)
* IPS (Extended DB)

VERSION UPDATES

Date        Version  Detail
2022-09-29  22.404   Sig Added
2022-08-24  21.380   Sig Added
2022-06-21  21.342   Sig Added
2022-06-15  21.339   Sig Added
2022-06-13  21.337   Sig Added
2022-06-04  21.331   Sig Added
2022-05-18  20.318   Sig Added
2022-05-04  20.309   Sig Added
2022-05-02  20.307   Sig Added
2022-04-19  20.300   Sig Added

ID: 51006
Created: Dec 10, 2021
Updated: Apr 17, 2023
Outbreak Alert: Log4j2 Vulnerability, CISAtop20_PRC2022, 2022 Annual Report, Lazarus RAT Attack
Threat Signal: View Report
Risk
CVE ID: CVE-2021-4104, CVE-2021-45046, CVE-2021-44228
Known Exploited: Yes
Exploit Prediction Score: 97.56%
Default Action: drop
Active
Affected OS: All
Affected App: Apache

Copyright © 2024 Fortinet, Inc. All Rights Reserved.