Rule in Wazuh for CVE-2021-1675

42 views
Skip to first unread message

Nemo191 Nm

unread,
Apr 17, 2024, 3:32:42 AMApr 17
to Wazuh | Mailing List
Hi. Please tell me if there is a rule in Wazzub for vulnerability CVE-2021-1675?

Nemo191 Nm

unread,
Apr 17, 2024, 3:33:43 AMApr 17
to Wazuh | Mailing List

Hi. Please tell me if there is a rule in Wazuh for vulnerability CVE-2021-1675?
среда, 17 апреля 2024 г. в 10:32:42 UTC+3, Nemo191 Nm:

Farouk Musa

unread,
Apr 17, 2024, 4:28:03 AMApr 17
to Wazuh | Mailing List
Hello,

Wazuh pulls vulnerabilities listing from publicly available CVE repositories such as NVD, MSU, canonical etc. CVE-2021-1675 is captured by NVD as seen here. This means Wazuh vulnerability detector will identify the vulnerability in a monitored endpoint and trigger an alert 

I hope this helps.
Regards.

Nemo191 Nm

unread,
Apr 17, 2024, 5:34:33 AMApr 17
to Wazuh | Mailing List
I need a rule to detect this vulnerability CVE-2021-1675, can it be found in the standard rules?

среда, 17 апреля 2024 г. в 11:28:03 UTC+3, Farouk Musa:

Farouk Musa

unread,
Apr 22, 2024, 3:46:07 AMApr 22
to Wazuh | Mailing List
Yes it does. You can also use the field vulnerability.cve to create a filter.
Reply all
Reply to author
Forward
0 new messages