ET WEB_CLIENT [Volex] Possible ColdFusion Unauthenticated Upload Attempt (CVE-2018-15961)

SID: 2026604Rev: 30 viewsHistory

Sourceet/open

CreatedNovember 13, 2018

UpdatedSeptember 16, 2020

Classificationattempted-user

alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_CLIENT [Volex] Possible ColdFusion Unauthenticated Upload Attempt (CVE-2018-15961)"; flow:to_server,established; http.method; content:"POST"; http.uri; content:"/upload.cfm?action=upload"; nocase; fast_pattern; endswith; reference:cve,2018-15961; reference:url,volexity.com/blog/2018/11/08/active-exploitation-of-newly-patched-coldfusion-vulnerability-cve-2018-15961/; classtype:attempted-user; sid:2026604; rev:3; metadata:affected_product Adobe_Coldfusion, attack_target Web_Server, created_at 2018_11_13, cve CVE_2018_15961, deployment Perimeter, performance_impact Low, confidence Medium, signature_severity Major, tag CVE_2018_15961, tag CISA_KEV, updated_at 2020_09_16;)

References

cve	2018-15961
url	volexity.com/blog/2018/11/08/active-exploitation-of-newly-patched-coldfusion-vulnerability-cve-2018-15961/

Metadata

affected productAdobe_Coldfusion

attack targetWeb_Server

created at2018_11_13

cveCVE-2018-15961

deploymentPerimeter

performance impactLow

confidenceMedium

signature severityMajor

tagCISA_KEV

updated at2020_09_16

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!