ET WEB_SERVER Possible Apache Struts OGNL Expression Injection

SID: 2023535Rev: 30 viewsHistory

Sourceet/open

CreatedNovember 18, 2016

UpdatedAugust 3, 2020

Classificationweb-application-attack

alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Possible Apache Struts OGNL Expression Injection"; flow:to_server,established; http.uri; content:"|24 7b|"; content:"|25 7b|"; distance:0; content:"|7d|"; distance:0; pcre:"/\${\s*?%{/"; reference:cve,2013-2135; reference:bugtraq,60345; reference:url,cwiki.apache.org/confluence/display/WW/S2-015; classtype:web-application-attack; sid:2023535; rev:3; metadata:affected_product Apache_HTTP_server, attack_target Web_Server, created_at 2016_11_18, cve CVE_2013_2135, deployment Datacenter, performance_impact Low, confidence Medium, signature_severity Major, updated_at 2020_08_03;)

References

cve	2013-2135
bugtraq	60345
url	cwiki.apache.org/confluence/display/WW/S2-015

Metadata

affected productApache_HTTP_server

attack targetWeb_Server

created at2016_11_18

cveCVE-2013-2135

deploymentDatacenter

performance impactLow

confidenceMedium

signature severityMajor

updated at2020_08_03

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!