SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Java ClassLoader access attempt
An attacker could potentially gain remote code execution on a vulnerable web application that exposes the class object. This can be used to alter core settings of the application and allow for a web shell to be uploaded.
This rule alerts on an attempt to access the protected Java ClassLoader object.
Attacks/Scans seen in the wild
No known false positives
Cisco Talos Intelligence Group
No rule groups
Escalation of Privilege
An Escalation of Privilege (EOP) attack is any attack method that results in a user or application gaining permissions to access resources they normally would not have access to.