Emerging Threats
CVE2021
CVE-2021-40539
2Rules
3References
1Folders
2023-01-02Latest
Summary
CVE-2021-40539 is tracked here through 2 Sigma detections for exploitation attempts and related post-exploitation behavior observed in 2021. Coverage centers on webserver.
Related Detections
Search this threatEmerging Threathightest
ADSelfService Exploitation
Detects suspicious access to URLs that was noticed in cases in which attackers exploitated the ADSelfService vulnerability CVE-2021-40539
Web Server Log
cve.2021-40539detection.emerging-threatsTA0001 · Initial AccessT1190 · Exploit Public-Facing Application
Tobias Michalski+1Mon Sep 202021
Emerging Threatcriticaltest
CVE-2021-40539 Zoho ManageEngine ADSelfService Plus Exploit
Detects an authentication bypass vulnerability affecting the REST API URLs in ADSelfService Plus (CVE-2021-40539).
Web Server Log
TA0001 · Initial AccessT1190 · Exploit Public-Facing ApplicationTA0003 · PersistenceT1505.003 · Web Shell+2
Sittikorn S+1Fri Sep 102021
References