Versions (5)
Version DetailsCurrent
Rev: 2 • Apr 26, 2022, 12:00 PMET EXPLOIT [ConnectWise CRU] Java ECDSA (Psychic) TLS Signature (CVE-2022-21449)
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT [ConnectWise CRU] Java ECDSA (Psychic) TLS Signature (CVE-2022-21449)"; flow:established,to_client; tls.certs; content:"|04 03 00 08 30 06 02 01 00 02 01 00|"; tag:session,5,packets; reference:url,github.com/thack1/CVE-2022-21449; reference:cve,2022-21449; classtype:targeted-activity; sid:2036377; rev:2; metadata:created_at 2022_04_26, cve CVE_2022_21449, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_04_25;)
Apr 26, 2022, 12:00 PM
Apr 25, 2024, 12:00 PM
Sep 21, 2024, 3:00 AM
Sep 3, 2025, 8:34 PM
rules/emerging-exploit.rules