os-patches-outdated: OS Patches - Outdated

日期: 2025-08-01 | 影响软件: OS Patches | POC: 已公开

漏洞描述

Ensure that the latest OS patches for ECS virtual machines (VM) instances are applied in order to mitigate security vulnerabilities and ensure optimal performance and stability.

PoC代码[已公开]

id: os-patches-outdated

info:
  name: OS Patches - Outdated
  author: DhiyaneshDK
  severity: medium
  description: |
    Ensure that the latest OS patches for ECS virtual machines (VM) instances are applied in order to mitigate security vulnerabilities and ensure optimal performance and stability.
  reference:
    - https://www.trendmicro.com/cloudoneconformity/knowledge-base/alibaba-cloud/AlibabaCloud-ECS/apply-latest-os-patches.html
    - https://www.alibabacloud.com/help/en/security-center/user-guide/fix-software-vulnerabilities
  metadata:
    max-request: 1
    verified: true
  tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,ecs

variables:
  region: "cn-hangzhou"

self-contained: true

code:
  - engine:
      - sh
      - bash
    source: |
      aliyun sas DescribeVulList --Type cve --region $region

    matchers-condition: and
    matchers:
      - type: word
        words:
          - '"RaspStatus":'
          - '"Type":'
        condition: and

      - type: word
        words:
          - '"TotalCount": 0'
          - '"VulRecords":'
        condition: and
        negative: true

    extractors:
      - type: dsl
        dsl:
          - '" OS Patches are Outdated "'
# digest: 490a004630440220075d428a4f7bf677cfb89468182e7f1e917c233bd6df02a9df3e0bc705434aa502204af7cc4cfcff4b1cbdb9b876b678b263a1486cbb328c2045cd209970f6221e3a:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/./cloud/alibaba/ecs/os-patches-outdated.yaml