Enterasys SIEM Dragon 7.7.2 Patch 2 "Unrecognized Threat Vulnerability Exploit Event"

  • 0
  • 1
  • Problem
  • Updated 3 years ago
  • (Edited)

We have events "Unrecognized Threat Vulnerability Exploit Event" which this matches the vulnerability signature corresponds to "JCE Vulnerability Scanning Detection (36268)" Manufacturer Palo Alto.

What QID map correspond of SIEM?

Enterasys SIEM Dragon
Event Name: Unrecognized Vulnerability Exploit Threat Event
Low Level Category: Misc Exploit
Event Description: Unrecognized Palo Alto PA Series Vulnerability Exploit Threat Event

Palo Alto “JCE Vulnerability Scanning Detection(36268)”
ET Scan Detection
Signature ID : 36268
Description This signature detects a possible JCE vulnerability scanning on the web server.
References http://blog.unmaskparasites.com/2014/01/27/invasion-of-jce-bots/
Severity high
Category info-leak
Default action alert 

Could you help me.

Thank you very much

Diego Cu
Photo of cos


  • 212 Points 100 badge 2x thumb

Posted 3 years ago

  • 0
  • 1

Be the first to post a reply!