Rule History

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET DELETED Possible Apache Struts OGNL Expression Injection (CVE-2017-5638) (Content-Length) M2"; flow:to_server,established; content:"Content-Length|3a 20 25 7b 28|"; nocase; content:"{"; content:"}"; classtype:web-application-attack; sid:2024095; rev:2; metadata:affected_product Apache_Struts2, attack_target Web_Server, created_at 2017_03_20, deployment Datacenter, signature_severity Major, tag CISA_KEV, updated_at 2019_07_26;)