This rule checks GET requests to detect possible exploits of the CVE-2024-3400 vulnerability. These requests may indicate exploitation of the vulnerability and may indicate that attackers are attempting to perform malicious activities through GlobalProtect. The Sigma rule aims to detect attacks by detecting such requests.
