SERVER-OTHER -- Snort has detected traffic exploiting vulnerabilities in a server in the network.
SERVER-OTHER Microsoft Sharepoint Server remote code execution attempt
The rule is looking for sequence of function calls that can be used to exploit CVE-2021-1707
What To Look For
This rule alerts on the exploitation attempt to perform remote code execution using CVE-2021-1707
No public information
No known false positives
Cisco Talos Intelligence Group