Versions (3)
Version DetailsCurrent
Rev: 1 • Sep 8, 2023, 12:00 PMET INFO JSCAPE MFT - HTTP Management Service Detected via Set-Cookie
alert http [$HOME_NET,$HTTP_SERVERS] any -> any any (msg:"ET INFO JSCAPE MFT - HTTP Management Service Detected via Set-Cookie"; flow:established,to_client; http.cookie; content:"JSESSIONID_11880="; fast_pattern; content:"MFTCSX="; threshold:type limit, count 1, seconds 600, track by_src; reference:url,rapid7.com/blog/post/2023/09/07/cve-2023-4528-java-deserialization-vulnerability-in-jscape-mft-fixed/; reference:url,www.jscape.com/blog/binary-management-service-patch-cve-2023-4528; classtype:not-suspicious; sid:2047977; rev:1; metadata:created_at 2023_09_08, deployment Perimeter, deployment Internal, deployment SSLDecrypt, performance_impact Low, confidence High, signature_severity Informational, updated_at 2023_09_08, reviewed_at 2023_09_08;)
Sep 8, 2023, 12:00 PM
Sep 8, 2023, 12:00 PM
Sep 21, 2024, 3:00 AM
Sep 21, 2024, 3:00 AM
rules/emerging-info.rules