Rule Library
Sigma Rules
4 rules found for "CVE-2022-41082"
3,731Total
3,132Detection
457Emerging
139Hunting
Emerging Threathightest
Potential OWASSRF Exploitation Attempt - Proxy
Detects exploitation attempt of the OWASSRF variant targeting exchange servers It uses the OWA endpoint to access the powershell backend endpoint
Proxy Log
Nasreddine Bencherchali (Nextron Systems)Thu Dec 222022
Emerging Threatcriticaltest
OWASSRF Exploitation Attempt Using Public POC - Proxy
Detects exploitation attempt of the OWASSRF variant targeting exchange servers using publicly available POC. It uses the OWA endpoint to access the powershell backend endpoint
Proxy Log
Nasreddine Bencherchali (Nextron Systems)Thu Dec 222022
Emerging Threathightest
Potential OWASSRF Exploitation Attempt - Webserver
Detects exploitation attempt of the OWASSRF variant targeting exchange servers It uses the OWA endpoint to access the powershell backend endpoint
Web Server Log
Nasreddine Bencherchali (Nextron Systems)Thu Dec 222022
Emerging Threatcriticaltest
OWASSRF Exploitation Attempt Using Public POC - Webserver
Detects exploitation attempt of the OWASSRF variant targeting exchange servers using publicly available POC. It uses the OWA endpoint to access the powershell backend endpoint
Web Server Log
Nasreddine Bencherchali (Nextron Systems)Thu Dec 222022