Security Center can detect and fix Web-CMS vulnerabilities. The Web-CMS vulnerability detection feature monitors website directories and identifies common website builders. This feature detects the vulnerabilities in website builders by comparing vulnerability files with the vulnerability library. This topic describes how to view information about Web-CMS vulnerabilities and handle the vulnerabilities.

Background information

The Web-CMS vulnerability detection feature obtains information about the latest Web-CMS vulnerabilities and patches, and delivers the patches. This allows you to quickly detect and fix Web-CMS vulnerabilities. This feature detects vulnerabilities in a timely manner, provides vulnerability fixes, and applies patches to fix multiple vulnerabilities at a time.

Note
  • The Basic and Basic Anti-virus editions of Security Center can only detect vulnerabilities. To enable the vulnerability fix feature, upgrade Security Center to the Advanced or Enterprise edition. For more information about features supported by each edition of Security Center, see Features.
  • After you fix Web-CMS vulnerabilities in the Security Center console, the fixes take effect immediately. You do not need to verify the fixes.

View the details of vulnerabilities

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Vulnerabilities.
  3. On the Vulnerabilities page, click the Web CMS tab.
  4. On the Web CMS tab, view information about all Web-CMS vulnerabilities detected by Security Center.
    • View vulnerability informationVulnerabilities
    • View vulnerability priorities

      All Web-CMS vulnerabilities can cause serious damage.This is confirmed by Alibaba Cloud security engineers. Therefore, the priorities of detected Web-CMS vulnerabilities are High and marked in red.

      Priority
      Note We recommend that you fix Web-CMS vulnerabilities in a timely manner.
    • Add a vulnerability to the whitelist

      On the Web CMS tab, select the vulnerability you want to add to the whitelist and click Add to Whitelist. After you add a vulnerability to the whitelist, Security Center no longer generates alerts when this vulnerability is detected.

      The vulnerability that is added to the whitelist is removed from the Vulnerability column on the Web CMS tab. It is added to the Vul Whitelist column on the Settings pane.

      If you want Security Center to detect and generate alerts on a vulnerability that is added to the whitelist, select the vulnerability on the Settings page and click Remove to remove the vulnerability from the whitelist.

      Remove a vulnerability from the whitelist
    • Fix multiple vulnerabilities at a time

      When you fix multiple vulnerabilities at a time, the affected assets are automatically identified and the vulnerabilities on these assets are fixed. On the Web CMS tab, select the vulnerabilities that you want to fix and click Batch Repair. In the Batch Repair dialog box, you can view the assets that are affected by vulnerabilities and click Fix Now.

      Note You can select only the vulnerabilities on the current page. Each page displays 10, 20, or 50 vulnerabilities. Therefore, you can fix a maximum of 50 vulnerabilities at a time.
    • Filter vulnerabilities

      On the Web CMS tab, filter vulnerabilities by severity level (high, medium,or low), asset group, vulnerability status (handled or unhandled), or vulnerability name.

      Filter vulnerabilities
      Note You can specify a keyword to search for vulnerabilities whose names contain the keyword.
    • Export vulnerabilities
      On the Web CMS tab, click the The Export icon icon to export and save all detected vulnerabilities to your computer. The vulnerabilities are exported to an Excel file.
      Note The export of vulnerability data takes some time. The time varies based on the amount of data to be exported.

Handle vulnerabilities

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Vulnerabilities.
  3. On the Vulnerabilities page, click the Web CMS tab.
  4. In the Vulnerability column, click the name of the vulnerability that you want to handle, or click Fix in the Actions column of the vulnerability that you want to handle to go to the Detail tab.
    You can view the details of the vulnerability, number of unhandled vulnerabilities, and information about affected assets.Detail tab
  5. On the Detail tab, you can view and handle the vulnerability.
    Perform the following operations based on your requirements:
    • View vulnerability details

      The Detail tab displays all the affected assets and vulnerabilities associated with the vulnerability. Analyze and manage multiple vulnerabilities at a time.

      • On the Detail tab, you can view the brief introduction and solution to this vulnerability.
      • On the Pending vulnerability tab, view the assets that are affected by this vulnerability.

        You can view the assets affected by the vulnerability and the status of the vulnerability. You can also verify, fix, ignore, or add the vulnerability to the whitelist.

      View vulnerability details
      On the Detail tab, click an asset in the Affected Asset column to go to the Vulnerabilities tab of the Assets page. On this tab, view the information about all Web-CMS vulnerabilities associated with this asset.Assets page
    • View vulnerability priorities

      All Web-CMS vulnerabilities can cause serious damage.This is confirmed by Alibaba Cloud security engineers. Therefore, the priorities of detected Web-CMS vulnerabilities are High and marked in red.

      Vulnerability priorities
      Note We recommend that you fix Web-CMS vulnerabilities in a timely manner.
    • Filter vulnerabilities

      On the Pending vulnerability tab, you can filter affected assets by vulnerability priority, asset group, vulnerability status, server IP address, VPC name, or server name. The vulnerability priorities include High, Medium, and Low. The vulnerability status includes Handled and Unhandled.

      Filter vulnerabilities
      Note Fuzzy match is supported for vulnerability search by server IP address or name.
    • View vulnerability status
      • Handled
        • Handled: The vulnerability is fixed.
        • Ignored: The vulnerability is ignored. Security Center no longer generates alerts when this vulnerability is detected.
        • Invalid: The vulnerability cannot be detected. You may have already deleted the file that contains vulnerabilities.
      • Unhandled
        • Unfixed: The vulnerability is not fixed.
        • Fixing: The vulnerability is being fixed.
        • Fix Failed: Security Center failed to fix the vulnerability. The file that contains vulnerabilities data may have been modified or does not exist.
        • Verifying: Security Center is checking whether the vulnerability is fixed.
    • Handle vulnerabilities of the affected assets

      In the Actions column, you can fix, verify, ignore, or add the vulnerability to the whitelist.

      Fix vulnerabilities
      • Fix vulnerabilities
        Click Fix in the Actions column to fix one or more associated vulnerabilities at a time. In the Repair dialog box, click Fix Now.
        Note To avoid losses, we recommend that you back up the data in your system before you fix the vulnerability.
      • Verify: If you fix a vulnerability by fixing it on the server or by using fixing software, you must click Verify. After the verification, the status of the vulnerability is updated. If you fix a Web-CMS vulnerability in the Security Center console, the fix takes effect immediately. You do not need to verify the fix.
      • Add a vulnerability to the whitelist

        In the upper-right corner of the details page of a vulnerability, select one or more vulnerabilities and click Add to Whitelist. After you add the vulnerabilities to the whitelist, Security Center no longer generates alerts on these vulnerabilities.

        The vulnerability that is added to the whitelist is removed from the Vulnerability column on the Web CMS tab. It is added to the Vul Whitelist column on the Settings pane.

        If you want Security Center to detect and generate alerts on a vulnerability that is added to the whitelist, select the vulnerability on the Settings page and click Remove to remove the vulnerability from the whitelist.

      • Ignore vulnerabilities

        Select a vulnerability that you want to ignore, click Ignore a vulnerability or roll back a vulnerability fix in the Actions column, and then select Ignore. After this operation is complete, Security Center no longer generates alerts on the vulnerability.

        Note After you ignore a vulnerability, the status of the vulnerability changes to Ignored. If you want Security Center to generate alerts on an ignored vulnerability, select the vulnerability in the Handled vulnerability list and click Cancel ignore.
    • Export affected assets
      In the upper-left corner of the Pending vulnerability tab, click The Export icon to export affected asset records to your on-premises machine. The exported file is in the Excel format.
      Note The export of asset records takes some time. The time varies based on the amount of asset data to be exported.
    • Save filtered vulnerabilities

      In the upper-left corner of the Pending vulnerability tab, click The Save icon to save the filtered vulnerabilities as a group. This helps you track the status of multiple vulnerabilities at a time.

      Save filtered vulnerabilities