Header Only - DO NOT REMOVE - Extreme Networks

Enterasys SIEM Dragon 7.7.2 Patch 2 "Unrecognized Threat Vulnerability Exploit Event"

  • 22 September 2014
  • 0 replies

  • New Member
  • 0 replies

We have events "Unrecognized Threat Vulnerability Exploit Event" which this matches the vulnerability signature corresponds to "JCE Vulnerability Scanning Detection (36268)" Manufacturer Palo Alto.

What QID map correspond of SIEM?

Enterasys SIEM Dragon
Event Name: Unrecognized Vulnerability Exploit Threat Event
Low Level Category: Misc Exploit
Event Description: Unrecognized Palo Alto PA Series Vulnerability Exploit Threat Event

Palo Alto “JCE Vulnerability Scanning Detection(36268)”
ET Scan Detection
Signature ID : 36268
Description This signature detects a possible JCE vulnerability scanning on the web server.
References http://blog.unmaskparasites.com/2014/01/27/invasion-of-jce-bots/
Severity high
Category info-leak
Default action alert

Could you help me.

Thank you very much

Diego Cu

0 replies

Be the first to reply!