SERVER-OTHER -- Snort has detected traffic exploiting vulnerabilities in a server in the network.
SERVER-OTHER TippingPoint web interface reverse DNS lookup cross site scripting attempt
The rule detects detects '><' in a DNS query response which indicates the presence of JS.
This rule detects the Reverse DNS Lookup Cross Site Scripting that attackers might attempt against TippingPoint web interface by embedding JS in DNS query response.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
None
No information provided
None
Tactic: Initial Access
Technique: Drive-by Compromise
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org