nuclei-templates/cves/2020/CVE-2020-11854.yaml

id: CVE-2020-11854

info:
  name: Micro Focus UCMDB RCE
  author: dwisiswant0
  severity: critical
  description: |
    This template supports the detection part only.

    UCMDB included in versions 2020.05 and below of Operations Bridge Manager are affected,
    but this template can probably also be used to detect Operations Bridge Manager
    (containeirized) and Application Performance Management.

    Originated from Metasploit module (#14654).
  reference:
    - http://packetstormsecurity.com/files/161182/Micro-Focus-UCMDB-Remote-Code-Execution.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2020-11854
    cwe-id: CWE-798
  tags: cve,cve2020,ucmdb,rce

requests:
  - method: GET
    path:
      - "{{BaseURL}}/ucmdb-api/connect"
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: word
        words:
          - "HttpUcmdbServiceProviderFactoryImpl"
          - "ServerVersion=11.6.0"
        part: body
        condition: and
:fire: Add CVE-2020-11854 2021-02-26 12:19:36 +00:00			`id: CVE-2020-11854`

			`info:`
			`name: Micro Focus UCMDB RCE`
			`author: dwisiswant0`
			`severity: critical`
			`description: \|`
			`This template supports the detection part only.`

			`UCMDB included in versions 2020.05 and below of Operations Bridge Manager are affected,`
:blue_book: Update descriptions 2021-02-26 12:30:30 +00:00			`but this template can probably also be used to detect Operations Bridge Manager`
:fire: Add CVE-2020-11854 2021-02-26 12:19:36 +00:00			`(containeirized) and Application Performance Management.`

			`Originated from Metasploit module (#14654).`
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes 2022-04-22 10:38:41 +00:00			`reference:`
			`- http://packetstormsecurity.com/files/161182/Micro-Focus-UCMDB-Remote-Code-Execution.html`
Added cve annotations + severity adjustments 2021-09-10 11:26:40 +00:00			`classification:`
			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes 2022-04-22 10:38:41 +00:00			`cvss-score: 9.8`
Added cve annotations + severity adjustments 2021-09-10 11:26:40 +00:00			`cve-id: CVE-2020-11854`
			`cwe-id: CWE-798`
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes 2022-04-22 10:38:41 +00:00			`tags: cve,cve2020,ucmdb,rce`
:fire: Add CVE-2020-11854 2021-02-26 12:19:36 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/ucmdb-api/connect"`
			`matchers-condition: and`
			`matchers:`
			`- type: status`
			`status:`
			`- 200`
			`- type: word`
			`words:`
			`- "HttpUcmdbServiceProviderFactoryImpl"`
			`- "ServerVersion=11.6.0"`
			`part: body`
			`condition: and`