ET WEB_SPECIFIC_APPS Jiecheng Management Information System CWSFinanceCommon SQL injection

SID: 2049386Rev: 247 views
History
Sourceet/open
CreatedNovember 29, 2023
UpdatedJune 23, 2024
Classificationattempted-admin
alert http $EXTERNAL_NET any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET WEB_SPECIFIC_APPS Jiecheng Management Information System CWSFinanceCommon SQL injection"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/EnjoyRMIS_WS/WS/APS/CWSFinanceCommon.asmx"; fast_pattern; http.request_body; content:"|3c|GetOSpById"; content:"|3c|sId|3e|"; content:"|3b|"; distance:0; content:"|3c2f|sId|3e|"; distance:0; reference:url,www.wevul.com/3806.html; classtype:attempted-admin; sid:2049386; rev:2; metadata:attack_target Server, created_at 2023_11_29, deployment Perimeter, deployment Internal, confidence Medium, signature_severity Major, tag Exploit, updated_at 2024_06_23, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)

References

urlwww.wevul.com/3806.html

Metadata

attack targetServer
created at2023_11_29
deploymentInternal
confidenceMedium
signature severityMajor
tagExploit
updated at2024_06_23
mitre tactic idTA0001
mitre tactic nameInitial_Access
mitre technique idT1190
mitre technique nameExploit_Public_Facing_Application

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!