ET EXPLOIT Potential Adobe Experience Manager (AEM) Dispatcher Bypass Attempt

SID: 2048213Rev: 127 views
History
Sourceet/open
CreatedSeptember 22, 2023
UpdatedSeptember 22, 2023
Classificationattempted-admin
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT Potential Adobe Experience Manager (AEM) Dispatcher Bypass Attempt"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/bin/querybuilder.json"; startswith; fast_pattern; isdataat:2,relative; reference:url,isc.sans.edu/diary/Obfuscated+Scans+for+Older+Adobe+Experience+Manager+Vulnerabilities/30230/; reference:url,adapt.to/2019/presentations/adaptto2019-securing-aem-webapps-by-hacking-them-mikhail-egorov.pdf; classtype:attempted-admin; sid:2048213; rev:1; metadata:affected_product Adobe_Experience_Manager, attack_target Client_Endpoint, created_at 2023_09_22, deployment Perimeter, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_09_22, reviewed_at 2023_09_22;)

References

urlisc.sans.edu/diary/Obfuscated+Scans+for+Older+Adobe+Experience+Manager+Vulnerabilities/30230/
urladapt.to/2019/presentations/adaptto2019-securing-aem-webapps-by-hacking-them-mikhail-egorov.pdf

Metadata

affected productAdobe_Experience_Manager
attack targetClient_Endpoint
created at2023_09_22
deploymentPerimeter
confidenceMedium
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2023_09_22
reviewed at2023_09_22

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!