title: Pulse Secure Attack CVE-2019-11510
id: 2dbc10d7-a797-49a8-8776-49efa6442e60
status: test
description: Detects CVE-2019-11510 exploitation attempt - URI contains Guacamole
references:
    - https://www.exploit-db.com/exploits/47297
author: Florian Roth (Nextron Systems)
date: 2019-11-18
modified: 2023-01-02
tags:
    - attack.initial-access
    - attack.t1190
    - cve.2019-11510
    - detection.emerging-threats
logsource:
    category: webserver
detection:
    selection:
        cs-uri-query: '*?/dana/html5acc/guacamole/*'
    condition: selection
falsepositives:
    - Unknown
level: critical