daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2021/CVE-2021-21479.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-05-05 12:23:55 -04:00
parent 4a64a15a8b
commit 27ce9929ed
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
cves/2021/CVE-2021-21479.yaml
View File

@ -1,14 +1,15 @@
id: CVE-2021-21479
info:
name: SCIMono < v0.0.19 Remote Code Execution
name: SCIMono <0.0.19 - Remote Code Execution
author: dwisiswant0
severity: critical
description: |
In SCIMono before 0.0.19, it is possible for an attacker to inject and
execute java expression compromising the availability and integrity of the system.
SCIMono before 0.0.19 is vulnerable to remote code execution because it is possible for an attacker to inject and
execute java expressions and compromise the availability and integrity of the system.
reference:
- https://securitylab.github.com/advisories/GHSL-2020-227-scimono-ssti/
- https://nvd.nist.gov/vuln/detail/CVE-2021-21479
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
cvss-score: 9.1
@ -30,3 +31,5 @@ requests:
- '"status" : "400"'
part: body
condition: and
# Enhanced by mp on 2022/05/05