ET WEB_SPECIFIC_APPS Liferay Unauthenticated RCE via JSONWS Inbound (CVE-2020-7961)

SID: 2031592Rev: 10 viewsHistory

Sourceet/open

CreatedJanuary 29, 2021

UpdatedJanuary 29, 2021

Classificationattempted-admin

alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET WEB_SPECIFIC_APPS Liferay Unauthenticated RCE via JSONWS Inbound (CVE-2020-7961)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/api/jsonws/"; http.request_body; content:".c3p0.WrapperConnectionPoolDataSource"; fast_pattern; content:"&defaultData.userOverridesAsString=HexAsciiSerializedMap|3a|"; distance:0; reference:url,www.synacktiv.com/en/publications/how-to-exploit-liferay-cve-2020-7961-quick-journey-to-poc.html; reference:cve,2020-7961; classtype:attempted-admin; sid:2031592; rev:1; metadata:attack_target Server, created_at 2021_01_29, cve CVE_2020_7961, deployment Perimeter, deployment Internal, confidence Medium, signature_severity Major, tag CISA_KEV, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2021_01_29;)

References

url	www.synacktiv.com/en/publications/how-to-exploit-liferay-cve-2020-7961-quick-journey-to-poc.html
cve	2020-7961

Metadata

attack targetServer

created at2021_01_29

cveCVE-2020-7961

deploymentInternal

confidenceMedium

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2021_01_29

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!