🔥 Add CVE-2020-11853
parent
4fb3b338a0
commit
13dee2df9f
|
@ -0,0 +1,33 @@
|
|||
id: CVE-2020-11853
|
||||
|
||||
info:
|
||||
name: Micro Focus Operation Bridge Manager RCE
|
||||
author: dwisiswant0
|
||||
severity: high
|
||||
reference: http://packetstormsecurity.com/files/161366/Micro-Focus-Operations-Bridge-Manager-Remote-Code-Execution.html
|
||||
description: |
|
||||
This template supports the detection part only.
|
||||
|
||||
UCMDB included in versions 2020.05 and below of Operations Bridge Manager are affected,
|
||||
but this module can probably also be used to exploit Operations Bridge Manager
|
||||
(containeirized) and Application Performance Management.
|
||||
|
||||
Originated from Metasploit module (#14654).
|
||||
tags: cve,cve2020,opm,rce
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/ucmdb-api/connect"
|
||||
- "{{BaseURL}}:8443/ucmdb-api/connect"
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
- type: word
|
||||
words:
|
||||
- "HttpUcmdbServiceProviderFactoryImpl"
|
||||
- "ServerVersion=11.6.0"
|
||||
part: body
|
||||
condition: and
|
Loading…
Reference in New Issue