This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to execute arbitrary code on vulnerable installations of JBoss Application Server. Authentication is not required to exploit this vulnerability.
JBoss Application Server is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution.
- Various JBoss Application Server versions.