Rule Category

SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.

Alert Message

SERVER-WEBAPP Microsoft Sharepoint machineKey information disclosure attempt

Rule Explanation

This rule will alert when there's an attempt to exploit CVE-2020-17061 on Microsoft Sharepoint

What To Look For

This rule will alert when there's an attempt to exploit CVE-2020-17061

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

MITRE ATT&CK Framework

Tactic: Execution

Technique: User Execution

For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org

Additional Links

Rule Vulnerability

N/A

Not Applicable

CVE Additional Information