SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Atlassian Jira makeRequest server side request forgery attempt
This event its generated when a server side request forgery attempt is made on the /plugins/servlet/gadgets/makeRequest resource in Jira. Impact: Web Application Attack Details: This rule detects the use of an '@' symbol in the URL parameter of the /plugins/servlet/gadgets/makeRequest resource in Jira, which circumvents the URL whitelist check. Ease of Attack:
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2019-8451 |
Loading description
|