Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by mp

2022-05-26 12:45:45 -04:00 · 2022-05-26 12:45:45 -04:00 · 0841f7b8af
parent 3f99ce203c
commit 0841f7b8af
1 changed files with 10 additions and 1 deletions
--- a/vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml
+++ b/vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml
@ -1,11 +1,18 @@
 id: jamf-log4j-jndi-rce

 info:
-  name: JAMF Log4j JNDI RCE
+  name: JamF  - Log4j JNDI Remote Code Execution
  author: pdteam
  severity: critical
+  description: JamF is susceptible to Lof4j JNDI remote code execution. JamF is the industry standard when it comes to the management of iOS devices (iPhones and iPads), macOS computers (MacBooks, iMacs, etc.), and tvOS devices (Apple TV).
  reference:
    - https://github.com/random-robbie/jamf-log4j
+    - https://community.connection.com/what-is-jamf/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cve-id:
+    cwe-id: CWE-77
  tags: rce,jndi,log4j,jamf

 requests:
@ -37,3 +44,5 @@ requests:
        group: 1
        regex:
          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'   # Print extracted ${hostName} in output
+
+# Enhanced by mp on 2022/05/26