- What's New
- Function Overview
- Service Overview
- Billing
- Getting Started
- User Guide
- Best Practices
- SDK Reference
-
FAQs
-
Product Consulting
- What Does SA Do?
- Why Is There No Attack Data or Only A Small Amount of Attack Data?
- What Is the Data Source of Situation Awareness?
- How Do I Get Information About the Most Vulnerable Assets?
- What Are the Dependencies and Differences Between SA and Other Security Services?
- What Are the Differences Between SA and HSS?
- Why Cannot the Total ECS Quota Be Less Than the Number of Existing ECSs?
- Can SA Be Used Across Accounts?
- How Do I Update My Security Score?
- How Do I Handle a Brute-force Attack?
- How Do I Assign Operation Permissions to an Account?
- How Do I Handle the 403 forbidden Error Reported by SA?
- Why Is the Event Data in SA Inconsistent with That in WAF and HSS?
- What Are Differences Between SA and SecMaster?
- Purchase Consulting
- Regions and AZs
-
Product Consulting
- Videos
-
More Documents
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Edition Upgrade
- Permissions Management
- Editions
- Security Overview
- Resource Manager
- Threat Alarms
- Baseline Inspection
- Events
- Logs
- Integrations
- Settings
-
FAQs
-
Product Consulting
- What Does SA Do?
- Why Is There No Attack Data or Only A Small Amount of Attack Data?
- What Is the Data Source of Situation Awareness?
- How Do I Get Information About the Most Vulnerable Assets?
- What Are the Dependencies and Differences Between SA and Other Security Services?
- Why Cannot the Total ECS Quota Be Less Than the Number of Existing ECSs?
- How Do I Update My Security Score?
- How Do I Handle a Brute-force Attack?
- How Do I Assign Operation Permissions to an Account?
- Why Is the Event Data in SA Inconsistent with That in WAF and HSS?
- Purchase Consulting
-
Product Consulting
- Change History
-
User Guide (ME-Abu Dhabi Region)
- General Reference
Show all
Copied.
Exploits
Overview
A vulnerability is a weakness that can be exploited by a threat actor, such as an attacker, to perform unauthorized actions within a computer system. Attackers exploit vulnerabilities to obtain rights, steal sensitive data, or sabotage software and hardware systems.
Suggestion
If an exploit is detected, handle the threat by following the instructions in Table 1.
Threat Alarm |
Severity |
Threat Description |
Suggestion |
---|---|---|---|
MySQL exploit |
Low |
If SA detects that an ECS instance is attacked using the MySQL vulnerability, the ECS instance is attacked using the MySQL vulnerability. |
The main cause of the attack is that the MySQL service is enabled on the public network for the ECS instance. Therefore, you are advised to perform the following operations:
|
Redis exploit |
Low |
If SA detects that an ECS instance is attacked using the Redis vulnerability, the ECS instance is attacked using the Redis vulnerability. |
The main cause of the attack is that the Redis service is enabled on the public network for the ECS instance. Therefore, you are advised to perform the following operations:
|
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot