daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2021/CVE-2021-21479.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-05-05 12:23:55 -04:00
parent 4a64a15a8b
commit 27ce9929ed
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
cves/2021/CVE-2021-21479.yaml
View File

@ -1,14 +1,15 @@
id: CVE-2021-21479 id: CVE-2021-21479
info: info:
name: SCIMono < v0.0.19 Remote Code Execution name: SCIMono <0.0.19 - Remote Code Execution
author: dwisiswant0 author: dwisiswant0
severity: critical severity: critical
description: | description: |
In SCIMono before 0.0.19, it is possible for an attacker to inject and SCIMono before 0.0.19 is vulnerable to remote code execution because it is possible for an attacker to inject and
execute java expression compromising the availability and integrity of the system. execute java expressions and compromise the availability and integrity of the system.
reference: reference:
- https://securitylab.github.com/advisories/GHSL-2020-227-scimono-ssti/ - https://securitylab.github.com/advisories/GHSL-2020-227-scimono-ssti/
- https://nvd.nist.gov/vuln/detail/CVE-2021-21479
classification: classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
cvss-score: 9.1 cvss-score: 9.1
@ -30,3 +31,5 @@ requests:
- '"status" : "400"' - '"status" : "400"'
part: body part: body
condition: and condition: and
# Enhanced by mp on 2022/05/05