SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Microsoft Exchange Control Panel remote code execution attempt
This rule will look for attempts to execute arbitrary code via specially crafted requests to Microsoft's Exchange Control Panel web-application. Successful exploitation requires, however, that attackers have access to valid credentials for an Exchange Server.
This rule will fire on attempts to exploit a remote code execution vulnerability in Microsoft's Exchange Server's Exchange Control Panel.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2020-0688 |
Loading description
|
Tactic: Execution
Technique: Exploitation for Client Execution
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org