SERVER-OTHER -- Snort has detected traffic exploiting vulnerabilities in a server in the network.
SERVER-OTHER Zoom client spoofed chat message attempt
This rule detects a Zoom chat message spoofing attempt in vulnerable versions of the Zoom client by looking for chat messages sent over an unauthenticated UDP channel instead of the authenticated TCP channel.
This rule detects a Zoom chat message spoofing attempt in vulnerable versions of the Zoom client.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
Authentication Bypass
An Authentication Bypass occurs when there is a way to avoid providing user credentials to a system before performing restricted operations on said system.
CVE-2018-15715 |
Loading description
|
Tactic: Impact
Technique: Runtime Data Manipulation
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org