Skip main navigation (Press Enter).

Imperva Cyber Community

View Only

Back to discussions

Expand all | Collapse all

CVE-2021-38647

Ken Chau07-13-2023 03:49

Hi all, Recently we find some strange requests of POST /wsman HTTP/1.1 And, I search from Internet ...

Syed Noor Fazal07-13-2023 09:35

Hello Ken, Thank you for your post, what is the MX version? ------------------------------ Syed ...

Ken Chau07-14-2023 04:19

Hi Syed, MX version is 14.7.0.20. Thanks. ------------------------------ Ken Chau IT Manager ...

1. CVE-2021-38647

Like
Ken Chau
Posted 07-13-2023 03:49
Hi all,

Recently we find some strange requests of POST /wsman HTTP/1.1

And, I search from Internet and find this article

https://www.pwndefend.com/2021/09/17/cve-2021-38647-open-management-infrastructure-omi-rce-azure-linux-hosts/

So, possibly some hackers are looking for this vulnerability to exploit it.

Just would like to see how do you feel about this risk? Would you develop any signature to block these attempts?

Thank you.

#On-PremisesWAF(formerlySecuresphere)

------------------------------
Ken Chau
IT Manager
------------------------------
2. RE: CVE-2021-38647

Like
Syed Noor Fazal
Posted 07-13-2023 09:35
Edited by Syed Noor Fazal 07-13-2023 09:37
Hello Ken,

Thank you for your post, what is the MX version?

------------------------------
Syed Noor Fazal
Product Support Engineer
------------------------------
3. RE: CVE-2021-38647

Like
Ken Chau
Posted 07-14-2023 04:19
Hi Syed,

MX version is 14.7.0.20.

Thanks.

------------------------------
Ken Chau
IT Manager
------------------------------

Original Message

Powered by Higher Logic

Global message icon