SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP OpenEMR command injection attempt
This rule is looking for commands injected into the new scanned_notes form of OpenEMR by an authenticated user. The rule looks for special characters used to cause a vulnerable system to execute commands.
This rule detects a command injection attempt in the new scanned notes form of OpenEMR.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2019-3968 |
Loading description
|
Tactic: Execution
Technique: Scripting
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org