Version Details
Rev: 2 • Jan 28, 2022, 12:00 PMET EXPLOIT Cisco REST API Container for Cisco IOS XE Software Authentication Bypass - Token Usage (CVE-2019-12643)
alert http any any -> [$HOME_NET,$HTTP_SERVERS] 55443 (msg:"ET EXPLOIT Cisco REST API Container for Cisco IOS XE Software Authentication Bypass - Token Usage (CVE-2019-12643)"; flow:established,to_server ; xbits:isset,ET.Cisco_ABypass,track ip_pair,expire 60 ; http.method; content:"GET"; http.header_names; content:"X-auth-token"; nocase; reference:cve,2019-12643 ; classtype:successful-admin; sid:2035012; rev:2; metadata:attack_target Server, created_at 2022_01_28, cve CVE_2019_12643, deployment Perimeter, deployment Internal, signature_severity Major, tag Exploit, updated_at 2022_01_28;)
Jan 28, 2022, 12:00 PM
Jan 28, 2022, 12:00 PM
Jan 28, 2022, 12:00 PM
May 31, 2024, 9:00 PM
May 30, 2025, 5:56 PM