Enterasys SIEM Dragon 7.7.2 Patch 2 "Unrecognized Threat Vulnerability Exploit Event"

  • 0
  • 1
  • Problem
  • Updated 4 years ago
  • (Edited)
Hello,

We have events "Unrecognized Threat Vulnerability Exploit Event" which this matches the vulnerability signature corresponds to "JCE Vulnerability Scanning Detection (36268)" Manufacturer Palo Alto.


What QID map correspond of SIEM?


Enterasys SIEM Dragon
------------------------------------------
Event Name: Unrecognized Vulnerability Exploit Threat Event
Low Level Category: Misc Exploit
Event Description: Unrecognized Palo Alto PA Series Vulnerability Exploit Threat Event


Palo Alto “JCE Vulnerability Scanning Detection(36268)”
------------------------------------------
ET Scan Detection
Signature ID : 36268
Description This signature detects a possible JCE vulnerability scanning on the web server.
References http://blog.unmaskparasites.com/2014/01/27/invasion-of-jce-bots/
Severity high
Category info-leak
Default action alert 



Could you help me.


Thank you very much


Diego Cu
Photo of cos

cos

  • 212 Points 100 badge 2x thumb

Posted 4 years ago

  • 0
  • 1

Be the first to post a reply!