ET WEB_SPECIFIC_APPS Cisco Smart Licensing Utility customer-cslu-lib-log.log Access Attempt (CVE-2024-20440)

SID: 2056028Rev: 1170 views

Sourceet/open

CreatedSeptember 20, 2024

UpdatedSeptember 20, 2024

Classificationcredential-theft

alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Cisco Smart Licensing Utility customer-cslu-lib-log.log Access Attempt (CVE-2024-20440)"; flow:established,to_server; http.method; content:"GET"; http.uri; bsize:43; content:"/cslu/v1/var/logs/customer-cslu-lib-log.log"; fast_pattern; reference:url,github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-20440.yaml; reference:cve,2024-20440; classtype:credential-theft; sid:2056028; rev:1; metadata:attack_target Server, tls_state TLSDecrypt, created_at 2024_09_20, cve CVE_2024_20440, deployment Perimeter, deployment Internal, deployment SSLDecrypt, performance_impact Low, confidence High, signature_severity Major, updated_at 2024_09_20; target:dest_ip;)

References

url	github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-20440.yaml
cve	2024-20440

Metadata

attack targetServer

tls stateTLSDecrypt

created at2024_09_20

cveCVE-2024-20440

deploymentSSLDecrypt

performance impactLow

confidenceHigh

signature severityMajor

updated at2024_09_20

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!