SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Apache OFBiz remote code execution attempt
This rule detects an attempted remote code execution attack against vulnerable versions of Apache OFBiz by looking for calls to the unauthenticated `/webtools/control/forgotPassword` URI followed by a sub-directory, leading to controller and view map fragmentation.
This rule detects an attempted remote code execution attack against vulnerable versions of Apache OFBiz.
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE::ATT&CK Framework::Enterprise::Initial Access::Exploit Public-Facing Application
Rule Categories::Server::Web Applications
Vulnerability::Severity::High
Vulnerability::Severity::Critical
Authentication Bypass
An Authentication Bypass occurs when there is a way to avoid providing user credentials to a system before performing restricted operations on said system.
CVE-2024-32113 |
Loading description
|
CVE-2024-36104 |
Loading description
|
CVE-2024-38856 |
Loading description
|
CVE-2024-45195 |
Loading description
|