ET EXPLOIT Bonitasoft Successful Default User Login Attempt (Possible Staging for CVE-2022-25237)

SID: 2036817Rev: 10 views
History
Sourceet/open
CreatedJune 3, 2022
UpdatedJune 3, 2022
Classificationsuccessful-admin
alert http [$HTTP_SERVERS,$HOME_NET] any -> any any (msg:"ET EXPLOIT Bonitasoft Successful Default User Login Attempt (Possible Staging for CVE-2022-25237)"; flow:established,to_client; flowbits:isset,ET.BonitaDefaultCreds; http.cookie; content:"JSESSIONID="; content:"X-Bonita-API-Token="; fast_pattern; reference:url,rhinosecuritylabs.com/application-security/cve-2022-25237-bonitasoft-authorization-bypass/; reference:cve,2022-25237; classtype:successful-admin; sid:2036817; rev:1; metadata:attack_target Server, created_at 2022_06_03, cve CVE_2022_25237, deployment Perimeter, deployment SSLDecrypt, confidence Medium, signature_severity Major, updated_at 2022_06_03;)

References

urlrhinosecuritylabs.com/application-security/cve-2022-25237-bonitasoft-authorization-bypass/
cve2022-25237

Metadata

attack targetServer
created at2022_06_03
deploymentSSLDecrypt
confidenceMedium
signature severityMajor
updated at2022_06_03

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!