SERVER-OTHER -- Snort has detected traffic exploiting vulnerabilities in a server in the network.
SERVER-OTHER Microsoft Sharepoint Server remote code execution attempt
The rule is looking for sequence of function calls that can be used to exploit CVE-2021-1707
This rule alerts on the exploitation attempt to perform remote code execution using CVE-2021-1707
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
N/A
Not Applicable
CVE-2021-1707 |
Loading description
|
Tactic: Execution
Technique: Execution through API
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org