A Security Baseline Detection List

Last updated: 2024-08-13 16:30:55
This document lists the security baseline detection items in CWPP.
Note:
The security baselines will take effect immediately after product setup.
| Name | Level | Vul_type |
|---|---|---|
| Unauthorized access to CouchDB. | High | Improper configuration |
| Docker Daemon 2375 management port is open. | High | Remote code execution |
| Unauthorized access to Elasticsearch. | High | Improper configuration |
| Java RMI remote code execution | High | Remote code execution |
| The lack of authentication in Jenkins can lead to command execution. | High | Remote code execution |
| Unauthorized access to Kubelet. | High | Security baseline |
| Weak password detection of the Linux system | High | Remote code execution |
| Unauthorized access to MongoDB. | High | Improper configuration |
| Weak password detection of MySQL | High | Weak password |
| NFS misconfiguration leads to mountable sensitive directory. | High | Improper configuration |
| Baseline compliance detection of Redis | High | Remote code execution |
| Improper configuration detection of RPCBind | High | Security baseline |
| Weak password detection of Rsync | High | Weak password |
| Rsync passwordless access | High | Improper configuration |
| Weak password detection of Tomcat | High | Weak password |
| Weak password detection of Windows users | High | Weak password |
| XAMPP default FTP password | High | Information leakage |
| Backup files exist in the website directory. | High | Information leakage |
| Anonymous log-in detection of FTP | Medium | Information leakage |
| IIS misconfiguration leads to parsing vulnerability. | Medium | Improper configuration |
| Memcached UDP port can be exploited for DDoS amplification attacks. | Medium | Information leakage |
| PHP-FPM misconfiguration | Medium | Security baseline |
| Compliance detection of PostgreSQL | Medium | Remote code execution |
| Information leakage due to the presence of a .git folder in the Web directory. | Medium | Information leakage |
| Information leakage due to the presence of a .svn folder in the Web directory. | Medium | Information leakage |
| Hidden account detection of Windows | Medium | Security baseline |
| Shadow account detection of Windows | Medium | Remote code execution |
| Unauthorized access to ZooKeeper. | Medium | Improper configuration |
| Unauthorized access to Hadoop. | Low | Remote code execution |
| Passwordless user detection of sudo | Low | Security baseline |
| Sample directory detection of Tomcat | Low | Security baseline |
| A phpinfo file exists in the Web directory. | Low | Information leakage |
| Guest account status detection of Windows | Low | Security baseline |

