Web vulnerability repair apparatus, web server, web vulnerability repair method, and program

摘要

A Web vulnerability repair apparatus (50) detects the presence of a vulnerability of a Web application of a Web server (30) and the type of the vulnerability. The Web vulnerability repair apparatus (50) can acquire countermeasure information aimed to repair the vulnerability, according to the type of vulnerability. In addition, the Web vulnerability repair apparatus (50) repairs the vulnerability of the Web application of the Web server (30) using the countermeasure information. By this repair, it is possible to improve the security during the period from the time when a vulnerable part in a Web application is discovered to the time when it is manually repaired.

主权项

1. A Web vulnerability repair apparatus comprising:
a connection unit that connects to a countermeasure information storage unit, which stores vulnerability specification information and countermeasure information indicating a method of repairing vulnerability indicated by the vulnerability specification information so as to correspond to each other for each type of vulnerability of a Web application; a vulnerability information acquisition unit that acquires the vulnerability specification information specifying the type of vulnerability of a target Web application; and
an output unit that connects to the countermeasure information storage unit through the connection unit, acquires the countermeasure information corresponding to the vulnerability specification information acquired by the vulnerability information acquisition unit, and outputs the acquired countermeasure information, wherein the vulnerability information acquisition unit acquires point specification information, which includes a URL of the target Web application to be repaired and information specifying a vulnerable point of the target Web application, and which corresponds to the vulnerability specification information, and wherein the output unit determines a Web server having the target Web application using the point specification information.