Rule Category

--

Alert Message

(http_inspect) UNKNOWN METHOD

Rule Explanation

HTTP request method is not known to Snort. Snort is familiar with all RFC methods and dozens of other methods.

What To Look For

An unknown HTTP method was detected

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos

MITRE ATT&CK Framework

Tactic: Defense Evasion

Technique: Web Service

For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org

Rule Vulnerability

Authentication Bypass

An Authentication Bypass occurs when there is a way to avoid providing user credentials to a system before performing restricted operations on said system.

CVE Additional Information