ET WEB_SPECIFIC_APPS pfSense CE 2.7.0 Stored Cross Site Script Attempt - Firewall Logs Dynamic View (CVE-2023-42325) - Suricata Rule 2049663 (et/open)

ET WEB_SPECIFIC_APPS pfSense CE 2.7.0 Stored Cross Site Script Attempt - Firewall Logs Dynamic View (CVE-2023-42325)

SID: 2049663Rev: 11 viewsHistory

Sourceet/open

CreatedDecember 12, 2023

UpdatedDecember 12, 2023

Classificationattempted-admin

alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS pfSense CE 2.7.0 Stored Cross Site Script Attempt - Firewall Logs Dynamic View (CVE-2023-42325)"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/status_logs_filter_dynamic.php?filtersubmit|3d|1&interface|3d|"; fast_pattern; content:"|22 3b|"; distance:0; within:50; content:"|2f 2f|"; distance:0; within:150; reference:url,www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/; reference:cve,2023-42325; classtype:attempted-admin; sid:2049663; rev:1; metadata:attack_target Networking_Equipment, created_at 2023_12_12, cve CVE_2023_42325, deployment Perimeter, deployment Internal, deployment SSLDecrypt, performance_impact Low, confidence High, signature_severity Major, updated_at 2023_12_12, reviewed_at 2024_10_03; target:dest_ip;)

References

url	www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/
cve	2023-42325

Metadata

attack targetNetworking_Equipment

created at2023_12_12

cveCVE-2023-42325

deploymentSSLDecrypt

performance impactLow

confidenceHigh

signature severityMajor

updated at2023_12_12

reviewed at2024_10_03

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!