vpatch-CVE-2023-42793 AppSec Rule

« vpatch-CVE-2023-42793 »
v0.3 by crowdsecurity
AppSec rule

JetBrains Teamcity Auth Bypass (CVE-2023-42793)

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2023-42793

YAML Configuration

1name: crowdsecurity/vpatch-CVE-2023-42793
2description: "JetBrains Teamcity Auth Bypass (CVE-2023-42793)"
3rules:
4  - zones:
5    - URI
6    transform:
7    - lowercase
8    match:
9      type: endsWith
10      value: /rpc2
11labels:
12  type: exploit
13  service: http
14  confidence: 3
15  spoofable: 0
16  behavior: "http:exploit"
17  label: "JetBrains Teamcity Auth Bypass"
18  classification:
19   - cve.CVE-2023-42793
20   - attack.T1595
21   - attack.T1190
22   - cwe.CWE-288
23

Hub Appsec rule

« vpatch-CVE-2023-42793 »v0.3 by crowdsecurityAppSec rule

« vpatch-CVE-2023-42793 »
v0.3 by crowdsecurity
AppSec rule