ET WEB_SPECIFIC_APPS Fortify Software Security Center XML External Entity Injection 3

SID: 2025843Rev: 30 viewsHistory

Sourceet/open

CreatedJuly 16, 2018

UpdatedSeptember 16, 2020

Classificationattempted-user

alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Fortify Software Security Center XML External Entity Injection 3"; flow:established,to_server; http.uri; content:"/fm-ws/services"; fast_pattern; endswith; http.request_body; content:"<?xml"; content:"<!DOCTYPE data SYSTEM"; pcre:"/^[^>]+\x22\s*ftp\x3a\x2f\x2f/Ri"; reference:url,exploit-db.com/exploits/45027/; reference:cve,2018-12463; classtype:attempted-user; sid:2025843; rev:3; metadata:attack_target Web_Server, created_at 2018_07_16, cve CVE_2018_12463, deployment Datacenter, signature_severity Major, updated_at 2020_09_16;)

References

url	exploit-db.com/exploits/45027/
cve	2018-12463

Metadata

attack targetWeb_Server

created at2018_07_16

cveCVE-2018-12463

deploymentDatacenter

signature severityMajor

updated at2020_09_16

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!