ATTACK [PTsecurity] Spring AMQP <1.7.4, 1.6.11, 1.5.7 Java Object Deserialization RCE (CVE--2017-8045)
Sourceptrules/open
CreatedJuly 24, 2025
UpdatedJuly 24, 2025
Classificationattempted-admin
alert tcp any 5672 -> any any (msg:"ATTACK [PTsecurity] Spring AMQP <1.7.4, 1.6.11, 1.5.7 Java Object Deserialization RCE (CVE--2017-8045)"; flow:established, no_stream; content:"application/x-java-serialized-object"; nocase; content:"|03|"; distance:1; within:1; content:"java."; distance:0; pcre:"/application/x-java-serialized-object.{0,110}(?:org\.(?:apache\.|springframework\.|jboss\.|hibernate\.)|java(?:x\.management\.|\.rmi\.)|com\.sun\.|sun\.reflect\.)/"; reference:cve, 2017-8045; reference:url, pivotal.io/security/cve-2017-8045; reference:url, rules.ptsecurity.com; classtype:attempted-admin; sid:10002274; rev:1;)
References
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!