ET WEB_SERVER MongoDB Negated Parameter Server Side JavaScript Injection Attempt

SID: 2019460Rev: 41 views
History
Sourceet/open
CreatedOctober 17, 2014
UpdatedSeptember 25, 2020
Classificationweb-application-attack
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER MongoDB Negated Parameter Server Side JavaScript Injection Attempt"; flow:established,to_server; http.uri; content:"[$ne]"; fast_pattern; reference:url,blog.imperva.com/2014/10/nosql-ssji-authentication-bypass.html; reference:url,docs.mongodb.org/manual/reference/operator/query/ne/; classtype:web-application-attack; sid:2019460; rev:4; metadata:created_at 2014_10_17, signature_severity Major, updated_at 2020_09_25;)

References

urlblog.imperva.com/2014/10/nosql-ssji-authentication-bypass.html
urldocs.mongodb.org/manual/reference/operator/query/ne/

Metadata

created at2014_10_17
signature severityMajor
updated at2020_09_25

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!