SERVER-APACHE -- Snort has detected traffic exploiting vulnerabilities in Apache servers.
SERVER-APACHE Apache Tomcat open redirect attempt
This rule looks for a malicious open redirect pattern sent towards a vulnerable Apache Tomcat server that causes a redirection to a non-public existent resource in the server that would expose it to an attacker.
What To Look For
This rule looks for a malicious open redirect attempt
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
Tactic: Defense Evasion
Technique: Hidden Files and Directories
For reference, see the MITRE ATT&CK vulnerability types here:
Information Leakage happens when an attacker manipulates a system into revealing sensitive information, either through malformed input or by taking advantage of another feature of the system.
CVE Additional Information