ET EXPLOIT Tomcat File Upload Payload Request (CVE-2017-12615)

7.0.35.0SID: 2027517Rev: 4Enabled1 views
Sourceet/open
Fileemerging-exploit.rules
CreatedJune 26, 2019
UpdatedMarch 7, 2024
Classificationattempted-user
alert http any any -> $HOME_NET any (msg:"ET EXPLOIT Tomcat File Upload Payload Request (CVE-2017-12615)"; flow:established,to_server; http.method; content:"GET"; http.uri; content:".jsp?view="; fast_pattern; content:"&os="; distance:0; content:"&address="; distance:0; reference:cve,2017-12615; reference:url,forums.juniper.net/t5/Threat-Research/Anatomy-of-the-Bulehero-Cryptomining-Botnet/ba-p/458787; classtype:attempted-user; sid:2027517; rev:4; metadata:created_at 2019_06_26, cve CVE_2017_12615, deployment Perimeter, performance_impact Moderate, signature_severity Major, tag CISA_KEV, updated_at 2024_03_07, reviewed_at 2024_05_06;)

Metadata

created at2019_06_26
deploymentPerimeter
performance impactModerate
signature severityMajor
tagCISA_KEV
updated at2024_03_07
reviewed at2024_05_06

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!