ET WEB_SPECIFIC_APPS XML External Entity Information Disclosure

SID: 2025877Rev: 31 viewsHistory

Sourceet/open

CreatedJuly 20, 2018

UpdatedAugust 25, 2020

Classificationattempted-recon

alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS XML External Entity Information Disclosure"; flow:established,to_server; http.method; content:"POST"; http.request_body; content:"<?xml version=|22|1.0|22 20|encoding="; content:"<!DOCTYPE"; content:"<!ENTITY"; content:"SYSTEM |22|file|3a|///etc/"; fast_pattern; reference:url,owasp.org/index.php/XML_External_Entity_(XXE)_Processing; classtype:attempted-recon; sid:2025877; rev:3; metadata:affected_product Linux, attack_target Web_Server, created_at 2018_07_20, deployment Datacenter, performance_impact Low, signature_severity Major, updated_at 2020_08_25, mitre_tactic_id TA0007, mitre_tactic_name Discovery, mitre_technique_id T1082, mitre_technique_name System_Information_Discovery;)

References

url	owasp.org/index.php/XML_External_Entity_(XXE)_Processing

Metadata

affected productLinux

attack targetWeb_Server

created at2018_07_20

deploymentDatacenter

performance impactLow

signature severityMajor

updated at2020_08_25

mitre tactic idTA0007

mitre tactic nameDiscovery

mitre technique idT1082

mitre technique nameSystem_Information_Discovery

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!