SID 1:51961

Report a false positive

Rule Category

SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.

Alert Message

SERVER-WEBAPP Jenkins CLI arbitrary Java object deserialization attempt

Rule Explanation

This event is generated when a serialized java object is sent to the Jenkins CLI. Impact: Attempted Administrator Privilege Gain Details: A Java object deserialization vulnerability exists in the Jenkins CLI interface. This event is triggered when a serialized Java object is sent to the interface. Ease of Attack:

What To Look For

No information provided

Known Usage

No public information

False Positives

Known false positives, with the described conditions

Non-malicious serialized java objects

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

CVE-2016-9299

Additional Links

jenkins.io/security/advisory/2016-11-16/
jenkins.io/security/advisory/2017-04-26/

Rule Vulnerability

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2016-9299
 Loading description