ET WEB_SPECIFIC_APPS Possible Apache Struts OGNL Expression Injection (CVE-2017-5638) M3

SID: 2024045Rev: 32 views
History
Sourceet/open
CreatedMarch 13, 2017
UpdatedAugust 4, 2020
Classificationweb-application-attack
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Possible Apache Struts OGNL Expression Injection (CVE-2017-5638) M3"; flow:to_server,established; http.header; content:"Content-Type|3a 20|%{(#"; nocase; fast_pattern; content:"multipart/form-data"; classtype:web-application-attack; sid:2024045; rev:3; metadata:affected_product Apache_Struts2, attack_target Web_Server, created_at 2017_03_13, deployment Datacenter, performance_impact Low, confidence Medium, signature_severity Major, tag CISA_KEV, updated_at 2020_08_04;)

Metadata

affected productApache_Struts2
attack targetWeb_Server
created at2017_03_13
deploymentDatacenter
performance impactLow
confidenceMedium
signature severityMajor
tagCISA_KEV
updated at2020_08_04

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!