SERVER-OTHER -- Snort has detected traffic exploiting vulnerabilities in a server in the network.
SERVER-OTHER Zoom client unauthorized user kick attempt
This rule detects a Zoom kick user control message spoofing attempt in vulnerable versions of the Zoom client by looking for kick user control messages sent over an unauthenticated UDP channel instead of the authenticated TCP channel.
This rule detects a Zoom kick user control message spoofing attempt in vulnerable versions of the Zoom client.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
Authentication Bypass
An Authentication Bypass occurs when there is a way to avoid providing user credentials to a system before performing restricted operations on said system.
CVE-2018-15715 |
Loading description
|
Tactic: Impact
Technique: Runtime Data Manipulation
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org