SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Microsoft Exchange Control Panel remote code execution attempt
This rule will look for attempts to execute arbitrary code via specially crafted requests to Microsoft's Exchange Control Panel web-application. Successful exploitation requires, however, that attackers have access to valid credentials for an Exchange Server.
This rule will fire on attempts to exploit a remote code execution vulnerability in Microsoft's Exchange Server's Exchange Control Panel.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
Escalation of Privilege
An Escalation of Privilege (EOP) attack is any attack method that results in a user or application gaining permissions to access resources they normally would not have access to.
CVE-2020-0688 |
Loading description
|
Tactic: Execution
Technique: Exploitation for Client Execution
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org