Think you have a false positive on this rule?

Sid 1-50455

Message

SERVER-WEBAPP IBM WebSphere Application Server remote code execution attempt

Summary

This event is generated when an IBM WebSphere Application Server remote code execution attempt is detected. An attacker can upload and run an executable file through this vulnerability.

Impact

Web Application Attack

Detailed information

Affected systems

Ease of attack

False positives

False negatives

Corrective action

Contributors

  • Cisco Talos Intelligence Group

Additional References

  • CVE-2019-4279
  • www-01.ibm.com/support/docview.wss?uid=ibm10883628