Description |
This article describes how to use a custom Rules in FortiSIEM to raise alerts for incident response related to attacks that attempt to exploit the remote code execution vulnerability CVE-2022-26134. For more information, check the FortiGuard outbreak alert. |
Scope |
FortiSIEM |
Solution |
1) Use Fortinet_FortiSIEM_Confluence_RCE_Reports_v1.xml as the file to import the Reports.
- Navigate to Resource / Reports. - Select the Import option under More.
2) Use Fortinet_FortiSIEM_Confluence_RCE_Rules_v1.xml as the file to import the Rules.
- Select the Import. - Select Fortinet_FortiSIEM_Follinat_Confluence_RCE_v1.xml and import. - Select the Import. - Select Fortinet_FortiSIEM_Follina_Confluence_RCE_v1.xml and import.
6.5.0
What is included in Fortinet_FortiSIEM_Confluence_RCE.zip?
- A FortiSIEM Rule to help with detection. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.