ET EXPLOIT TIBCO JasperReports Authenticated Arbitrary File Read Attempt (CVE-2018-5430)

SID: 2043229Rev: 12 viewsHistory

Sourceet/open

CreatedJanuary 5, 2023

UpdatedJanuary 5, 2023

Classificationweb-application-attack

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT TIBCO JasperReports Authenticated Arbitrary File Read Attempt (CVE-2018-5430)"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/flow.html?_flowId=sampleFlow&"; pcre:"/^page=\.\..+/RUi"; reference:cve,2018-5430; reference:url,rhinosecuritylabs.com/application-security/authenticated-file-read-vulnerability-in-jasperreports/; classtype:web-application-attack; sid:2043229; rev:1; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2023_01_05, cve CVE_2018_5430, deployment Perimeter, deployment Datacenter, deployment SSLDecrypt, performance_impact Low, confidence High, signature_severity Major, tag CISA_KEV, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_01_05;)

References

cve	2018-5430
url	rhinosecuritylabs.com/application-security/authenticated-file-read-vulnerability-in-jasperreports/

Metadata

affected productWeb_Server_Applications

attack targetWeb_Server

created at2023_01_05

cveCVE-2018-5430

deploymentSSLDecrypt

performance impactLow

confidenceHigh

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2023_01_05

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!