SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
This rule is designed to look for the crafted URI and parameters as part of the exploitation process.
What To Look For
This rule alerts on potential attempts to exploit CVE-2021-27076 against SharePoint servers.
No public information
No known false positives
Cisco Talos Intelligence Group