From 8fdf2cd8b36d86634d3547e68ab88855c448068c Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 29 Nov 2022 00:11:11 -0500 Subject: [PATCH 1/7] Update CVE-2021-35587.yaml added shodan-query --- cves/2021/CVE-2021-35587.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2021/CVE-2021-35587.yaml b/cves/2021/CVE-2021-35587.yaml index 7f4cbd0ed0..4ea3eb5802 100644 --- a/cves/2021/CVE-2021-35587.yaml +++ b/cves/2021/CVE-2021-35587.yaml @@ -17,6 +17,7 @@ info: cwe-id: CWE-502 metadata: fofa-query: body="/oam/pages/css/login_page.css" + shodan-query: http.title:"Oracle Access Management" tags: cve,cve2021,oam,rce,java,unauth,oracle requests: From 5bdb492bace6177b5d621cd845ff1784df11f681 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 29 Nov 2022 00:16:28 -0500 Subject: [PATCH 2/7] Update comtrend-password-exposure.yaml Corrected typo -> match id with filename. --- vulnerabilities/other/comtrend-password-exposure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/other/comtrend-password-exposure.yaml b/vulnerabilities/other/comtrend-password-exposure.yaml index bd9677b109..f9decab034 100644 --- a/vulnerabilities/other/comtrend-password-exposure.yaml +++ b/vulnerabilities/other/comtrend-password-exposure.yaml @@ -1,4 +1,4 @@ -id: comtrend-passsword-exposure +id: comtrend-password-exposure info: name: Comtrend ADSL - Remote Code Execution From 3458bcabd99b57e759f069271af3d2068732e64b Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 29 Nov 2022 00:22:34 -0500 Subject: [PATCH 3/7] Rename icewarp-openredirects.yaml to icewarp-open-redirect.yaml id + filename matching --- .../{icewarp-openredirects.yaml => icewarp-open-redirect.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename vulnerabilities/other/{icewarp-openredirects.yaml => icewarp-open-redirect.yaml} (100%) diff --git a/vulnerabilities/other/icewarp-openredirects.yaml b/vulnerabilities/other/icewarp-open-redirect.yaml similarity index 100% rename from vulnerabilities/other/icewarp-openredirects.yaml rename to vulnerabilities/other/icewarp-open-redirect.yaml From c41b0ff0ea9c7a0d6dfe1332e484579468738480 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 29 Nov 2022 11:17:50 +0530 Subject: [PATCH 6/7] Update CVE-2021-35587.yaml --- cves/2021/CVE-2021-35587.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2021/CVE-2021-35587.yaml b/cves/2021/CVE-2021-35587.yaml index 4ea3eb5802..24140f0313 100644 --- a/cves/2021/CVE-2021-35587.yaml +++ b/cves/2021/CVE-2021-35587.yaml @@ -16,6 +16,7 @@ info: cve-id: CVE-2021-35587 cwe-id: CWE-502 metadata: + verified: true fofa-query: body="/oam/pages/css/login_page.css" shodan-query: http.title:"Oracle Access Management" tags: cve,cve2021,oam,rce,java,unauth,oracle