diff --git a/cves/2021/CVE-2021-31602.yaml b/cves/2021/CVE-2021-31602.yaml
index 5cb818b2a9..46d9a4c0f2 100644
--- a/cves/2021/CVE-2021-31602.yaml
+++ b/cves/2021/CVE-2021-31602.yaml
@@ -1,15 +1,16 @@
 id: CVE-2021-31602
+
 info:
   name: Pentaho <= 9.1 Authentication Bypass of Spring APIs
   author: pussycat0x
   severity: medium
-  metadata:
-    shodan-dork: 'Pentaho'
   reference:
     - https://seclists.org/fulldisclosure/2021/Nov/13
     - https://portswigger.net/daily-swig/remote-code-execution-sql-injection-bugs-uncovered-in-pentaho-business-analytics-software
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31602
-  tags: pentaho,spring,auth-bypass,cve,cve2021
+    - https://hawsec.com/publications/pentaho/HVPENT210401-Pentaho-BA-Security-Assessment-Report-v1_1.pdf
+  metadata:
+    shodan-query: 'Pentaho'
+  tags: cve,cve2021,pentaho,auth-bypass
 
 requests:
   - method: GET
@@ -20,11 +21,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - '<roleList>'
           - '<roles>Anonymous</roles>'
         condition: and
-        part: body
+
       - type: status
         status:
-          - 200
+          - 200
\ No newline at end of file