Security Center can detect and fix Web-CMS vulnerabilities. The Web-CMS vulnerability detection feature monitors website directories, identifies common website builders, and detects vulnerabilities in those website builders by comparing vulnerability files. This topic describes how to view information about Web-CMS vulnerabilities and manage them.

Background information

The Web-CMS vulnerability detection feature obtains the information about the latest Web-CMS vulnerabilities and provides update patches in the cloud. This allows you to quickly detect and fix Web-CMS vulnerabilities. This feature detects vulnerabilities dynamically, provides vulnerability fixes, and applies patches to fix multiple vulnerabilities simultaneously.

Note
  • The Basic edition only detects Web-CMS vulnerabilities but does not fix them. To fix the Web-CMS vulnerabilities, you must upgrade Security Center to the Advanced or Enterprise edition. For more information about features supported by the Basic, Advanced or Enterprise edition, see Features.
  • A Web-CMS vulnerability fix takes effect immediately after it is completed. You do not need to verify the fix after you complete it.

View vulnerability information

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Vulnerabilities.
  3. On the Vulnerabilities page, click the Web CMS tab.
  4. On the Web-CMS tab, view the information of all Web-CMS vulnerabilities detected by Security Center.
    • View vulnerability information
    • View vulnerability priorities

      Web-CMS vulnerabilities are high-risk vulnerabilities confirmed by Alibaba Cloud security engineers. Web-CMS vulnerabilities have High priorities and are marked in red.

      Note: We recommend that you fix Web-CMS vulnerabilities as soon as possible.
    • Add a vulnerability to the whitelist

      On the Web CMS tab, select a vulnerability and click Add to Whitelist to add it to the whitelist. After you add a vulnerability to the whitelist, Security Center no longer generates alerts when this vulnerability is detected.

      The vulnerability added to the whitelist is removed from the vulnerability column on the Web-CMS tab. It is added to the Vul Whitelist in the Settings module.

      If you want Security Center to detect and generate alerts for a vulnerability that is already added to the whitelist, select the vulnerability on the Settings page and then click Remove to remove the vulnerability from the whitelist.

    • Filter vulnerabilities

      On the Web CMS tab, you can filter vulnerabilities by vulnerability name, severity level (high, medium, and low), asset group, or vulnerability status (handled, unhandled).

      Note: Fuzzy match of vulnerability names is supported.
    • Export vulnerabilities
      On the Web CMS tab, click Export to export and save all detected Web-CMS vulnerabilities to a local machine. The vulnerabilities are exported to an Excel file.
      Note: It may take a long time to export the vulnerabilities, depending on the file size.

Manage vulnerabilities

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Vulnerabilities.
  3. On the Vulnerabilities page, click the Web CMS tab.
  4. In the vulnerability column, click the name of the target vulnerability or click Repair in the Actions column of the target vulnerability to go to the Detail tab.
    You can view the details of the vulnerability, the number of unhandled vulnerabilities, and the affected asset information.
  5. On the Detail tab, perform the following operations as needed.
    • View vulnerability details

      The Detail tab also displays related vulnerabilities, which represent the information of all assets affected by the vulnerability. This helps you analyze and manage related vulnerabilities simultaneously.

      • Click Detail to go to the Detail page to view the descriptions and fix suggestions of the target vulnerability.
      • Click Pending vulnerability to go to the unhandled vulnerability column on the Detail subpage.

        In the unhandled vulnerability column, you can view the affected assets and the status of the vulnerability. You can also verify or fix the vulnerability, or add it to the whitelist.

      Find the Vulnerability column on the Detail tab and click Affected Assets to go to Assets > Vulnerability to view all Web-CMS vulnerabilities related to this asset.
    • View vulnerability priorities

      Web-CMS vulnerabilities are high-risk vulnerabilities confirmed by Alibaba Cloud security engineers. Web-CMS vulnerabilities have High priorities and are marked in red.

      Note: We recommend that you fix Web-CMS vulnerabilities as soon as possible.
    • Filter vulnerabilities

      On the Pending Vulnerability tab, you can search for affected assets by vulnerability severity (high, medium, and low), asset group, vulnerability status (handled and unhandled), server IP address, or server name.

      Note: Server IP addresses and names support fuzzy match.
    • View vulnerability statuses
      • Handled
        • Fixed: The vulnerability has been fixed.
        • Ignored: The vulnerability has been ignored. Security Center no longer generates alerts when this vulnerability is detected.
        • Invalid: The vulnerability cannot be detected. You may have already deleted the vulnerability files.
      • Unhandled
        • Unfixed: The vulnerability has not been fixed.
        • Fixing: The vulnerability is being fixed.
        • Fix Failed: Security Center failed to fix the vulnerability. The vulnerability files may have been modified or may not exist.
        • Verifying: Security Center is verifying whether the vulnerability has been fixed. If Security Center notifies you that a system restart is required after you fix the vulnerability, restart the system before you perform a verification.
    • Manage vulnerabilities of affected assets
      • Fix: You can click Fix in the Actions column to fix one or more related vulnerabilities simultaneously.
      • Verify: A Web-CMS vulnerability fix takes effect immediately after it is completed. You do not need to verify the fix after you complete it.
      • Add a vulnerability to the whitelist

        In the upper-right corner of the Detail tab, click Add to Whitelist to add the vulnerability to the whitelist. After a vulnerability is added to the whitelist, Security Center no longer generates alerts for this vulnerability.

        The vulnerability added to the whitelist is removed from the vulnerability column on the Web-CMS tab. It is added to the Vul Whitelist in the Settings module.

        If you want Security Center to detect and generate alerts for a vulnerability that is already added to the whitelist, select the vulnerability on the Settings page and then click Remove to remove the vulnerability from the whitelist.

      • Ignore vulnerabilities

        Select the target vulnerability, click Ignore/Undo Fix, and then select Ignore. Security Center no longer alerts you to this vulnerability.

        Note: After you ignore a vulnerability, the status of the vulnerability is changed to Ignored. If you want Security Center to alert you to an ignored vulnerability again, select the vulnerability in the Handled vulnerability list and click Cancel ignore.
    • Export affected assets
      In the upper-right corner of the Pending Vulnerability tab, click the Export icon to export assets exposed to a vulnerability to a local computer. The assets are exported to an Excel file.
      Note: It may take a long time to export the assets, depending on the file size.
    • Save filtered vulnerabilities

      In the upper-right corner of the Pending Vulnerability tab, you can click the Save icon to save the filtered vulnerabilities as a group. This allows you to monitor the group of vulnerabilities.
