Skip to content

Commit 9ebc35a

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #218990 from Miskatonic-Electronic/patch-22
Update waf-front-door-drs.md
2 parents 7223606 + 3e86b08 commit 9ebc35a

File tree

1 file changed

+5
-5
lines changed

1 file changed

+5
-5
lines changed

articles/web-application-firewall/afds/waf-front-door-drs.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -96,17 +96,17 @@ DRS 2.1 includes 17 rule groups, as shown in the following table. Each group con
9696

9797
The following rules are disabled by default for DRS 2.1:
9898

99-
|Rule ID |Rule Group|Description |Why disabled|
99+
|Rule ID |Rule Group|Description |Details|
100100
|---------|---------|---------|---------|
101101
|942110 |SQLI|SQL Injection Attack: Common Injection Testing Detected |Replaced by MSTIC rule 99031001 |
102102
|942150 |SQLI|SQL Injection Attack|Replaced by MSTIC rule 99031003 |
103103
|942260 |SQLI|Detects basic SQL authentication bypass attempts 2/3 |Replaced by MSTIC rule 99031004 |
104104
|942430 |SQLI|Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (12)|Too many false positives.|
105105
|942440 |SQLI|SQL Comment Sequence Detected|Replaced by MSTIC rule 99031002 |
106-
|99005006|MS-ThreatIntel-WebShells|Spring4Shell Interaction Attempt|Replaced by Microsoft threat intelligence rule.|
107-
|99001014|MS-ThreatIntel-CVEs|Attempted Spring Cloud routing-expression injection [CVE-2022-22963](https://www.cve.org/CVERecord?id=CVE-2022-22963)|Replaced by Microsoft threat intelligence rule.|
108-
|99001015|MS-ThreatIntel-WebShells|Attempted Spring Framework unsafe class object exploitation [CVE-2022-22965](https://www.cve.org/CVERecord?id=CVE-2022-22965)|Replaced by Microsoft threat intelligence rule.|
109-
|99001016|MS-ThreatIntel-WebShells|Attempted Spring Cloud Gateway Actuator injection [CVE-2022-22947](https://www.cve.org/CVERecord?id=CVE-2022-22947)|Replaced by Microsoft threat intelligence rule.|
106+
|99005006|MS-ThreatIntel-WebShells|Spring4Shell Interaction Attempt|Enable rule to prevent against SpringShell vulnerability|
107+
|99001014|MS-ThreatIntel-CVEs|Attempted Spring Cloud routing-expression injection [CVE-2022-22963](https://www.cve.org/CVERecord?id=CVE-2022-22963)|Enable rule to prevent against SpringShell vulnerability|
108+
|99001015|MS-ThreatIntel-WebShells|Attempted Spring Framework unsafe class object exploitation [CVE-2022-22965](https://www.cve.org/CVERecord?id=CVE-2022-22965)|Enable rule to prevent against SpringShell vulnerability|
109+
|99001016|MS-ThreatIntel-WebShells|Attempted Spring Cloud Gateway Actuator injection [CVE-2022-22947](https://www.cve.org/CVERecord?id=CVE-2022-22947)|Enable rule to prevent against SpringShell vulnerability|
110110

111111
### DRS 2.0
112112

0 commit comments

Comments
 (0)