SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web-based applications on servers.
SERVER-WEBAPP Jenkins CLI arbitrary Java object deserialization attempt
This event is generated when a serialized Java object is sent to the Jenkins CLI.
Impact: Attempted Administrator Privilege Gain
Details: A Java object deserialization vulnerability exists in the Jenkins CLI interface. This event is triggered when a serialized Java object is sent to the interface.
Ease of Attack:
No information provided
No public information
Known false positives, with the described conditions
Non-malicious serialized Java objects
Cisco Talos Intelligence Group
No rule groups
CVE-2016-9299: The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server.
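Because non-malicious serialized Java objects also trigger this event, triage usually combines two checks: whether the payload really carries a Java serialization stream, and whether the target Jenkins version predates the fixes named in CVE-2016-9299. The following is an added example, not part of the Snort rule or its documentation; the function names, the verdict labels, the sample payloads and the rule that three-part version numbers are LTS releases are assumptions.

```python
import re

# Java Object Serialization stream header: STREAM_MAGIC (0xACED) + STREAM_VERSION (0x0005).
JAVA_STREAM_HEADER = b"\xac\xed\x00\x05"
# The same bytes as they appear at the start of a base64-encoded stream.
JAVA_STREAM_HEADER_B64 = b"rO0AB"


def find_serialized_objects(payload: bytes) -> list:
    """Return sorted (offset, encoding) pairs for each stream header in payload."""
    hits = []
    for marker, encoding in ((JAVA_STREAM_HEADER, "raw"), (JAVA_STREAM_HEADER_B64, "base64")):
        start = payload.find(marker)
        while start != -1:
            hits.append((start, encoding))
            start = payload.find(marker, start + 1)
    return sorted(hits)


def is_affected(version: str) -> bool:
    """True if a Jenkins version predates the fixes named in CVE-2016-9299.

    Assumption: three-part versions (e.g. 2.19.2) are LTS releases and
    two-part versions (e.g. 2.31) are weekly releases.
    """
    if not re.fullmatch(r"\d+\.\d+(\.\d+)?", version):
        raise ValueError(f"unrecognised Jenkins version: {version!r}")
    parts = tuple(int(p) for p in version.split("."))
    fixed = (2, 19, 3) if len(parts) == 3 else (2, 32)
    return parts < fixed


def triage(payload: bytes, jenkins_version: str) -> str:
    """Rank an alert: a stream header sent to an affected server is escalated."""
    if not find_serialized_objects(payload):
        return "no-serialized-object"
    return "escalate" if is_affected(jenkins_version) else "review-patched-target"


# Constructed sample payloads (not captured traffic).
SAMPLE_RAW = b"\x00\x00" + JAVA_STREAM_HEADER + b"sr\x00\x10constructed.Demo"
SAMPLE_B64 = b"preamble rO0ABXNyABBjb25zdHJ1Y3RlZC5EZW1v"
SAMPLE_TEXT = b"GET /cli HTTP/1.1\r\nHost: jenkins.example\r\n\r\n"

if __name__ == "__main__":
    for name, data in (("raw", SAMPLE_RAW), ("b64", SAMPLE_B64), ("text", SAMPLE_TEXT)):
        print(name, find_serialized_objects(data), triage(data, "2.19.2"))
```

A "review-patched-target" verdict only means the server is past the versions named in this CVE; the serialized object itself still deserves a look.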