|
|
|||
| Rule General Information |
|---|
| Release Date: | 2022-08-22 | |
| Rule Name: | Tool Ysoserial Detection - CC1 | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Ysoserial is a well-known java deserialization utilization tool open source on Github, which collects various java deserialization payloads. This rule is used to detect malicious behavior that exploits the CC1 module of the Ysoserial tool to construct deserialized data through a vulnerability in the Apache Commons Collections library. | |
| Impact: | Attackers use attack tools to attack targets, which can lead to data leakage, service interruption, system crash, data tampering, and illegal access. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| 1. Scan the server file system to ensure that there are no hacker tools and related malicious files. 2. Complete system backup to ensure server data security. 3. Harden the security of the server, restrict access permissions, install firewalls, and use secure access control lists. |