Dashboard Enhancements + Severity Matching (#5245)

Dashboard Enhancements + Severity Matching

cnvd/2020/CNVD-2020-23735.yaml

@@ -3,7 +3,7 @@ id: CNVD-2020-23735
 info:
   name: Xxunchi CMS - Local File Inclusion
   author: princechaddha
-  severity: medium
+  severity: high
   description: Xunyou CMS is vulnerable to local file inclusion. Attackers can use vulnerabilities to obtain sensitive information.
   reference:
     - https://www.cnvd.org.cn/flaw/show/2025171

cnvd/2021/CNVD-2021-30167.yaml

@@ -3,7 +3,7 @@ id: CNVD-2021-30167
 info:
   name: UFIDA NC BeanShell Remote Command Execution
   author: pikpikcu
-  severity: high
+  severity: critical
   description: UFIDA NC BeanShell contains a remote command execution vulnerability in the bsh.servlet.BshServlet program.
   reference:
     - https://mp.weixin.qq.com/s/FvqC1I_G14AEQNztU0zn8A

cves/2014/CVE-2014-8682.yaml

@@ -3,7 +3,7 @@ id: CVE-2014-8682
 info:
   name: Gogs (Go Git Service) - SQL Injection
   author: dhiyaneshDK,daffainfo
-  severity: high
+  severity: critical
   description: Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to (1) api/v1/repos/search, which is not properly handled in models/repo.go, or (2) api/v1/users/search, which is not properly handled in models/user.go.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2014-8682

cves/2021/CVE-2021-25075.yaml

@@ -3,7 +3,7 @@ id: CVE-2021-25075
 info:
   name: WordPress Duplicate Page or Post <1.5.1 - Cross-Site Scripting
   author: DhiyaneshDK
-  severity: low
+  severity: high
   description: |
     WordPress Duplicate Page or Post plugin before 1.5.1 contains a stored cross-site scripting vulnerability. The plugin does not have any authorization and has a flawed cross-site request forgery check in the wpdevart_duplicate_post_parametrs_save_in_db AJAX action, allowing unauthenticated users to call it and change the plugin's settings, or perform such attack via cross-site request forgery.
   remediation: Fixed in version 1.5.1.
@@ -12,10 +12,9 @@ info:
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25075
     - https://nvd.nist.gov/vuln/detail/CVE-2021-25075
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 3.50
+    cvss-score: 7.2
-    cve-id: CVE-2021-25075
+    cwe-id: CWE-79
-    cwe-id: CWE-862
   tags: wpscan,cve,cve2021,wordpress,xss,wp-plugin,authenticated
 
 requests:

default-logins/minio/minio-default-login.yaml

@@ -3,7 +3,7 @@ id: minio-default-login
 info:
   name: Minio Default Login
   author: pikpikcu
-  severity: medium
+  severity: high
   description: Minio default admin credentials were discovered.
   reference:
     - https://docs.min.io/docs/minio-quickstart-guide.html#

default-logins/ofbiz/ofbiz-default-login.yaml

@@ -3,7 +3,7 @@ id: ofbiz-default-login
 info:
   name: Apache OfBiz Default Login
   author: pdteam
-  severity: medium
+  severity: high
   description: Apache OfBiz default admin credentials were discovered.
   reference:
     - https://cwiki.apache.org/confluence/display/OFBIZ/Apache+OFBiz+Technical+Production+Setup+Guide

exposed-panels/airflow-panel.yaml

@@ -8,9 +8,8 @@ info:
   reference:
     - https://airflow.apache.org/docs/apache-airflow/stable/security/webserver.html
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 0.0
-    cvss-score: 8.3
+    cwe-id: CWE-668
-    cwe-id: CWE-522
   metadata:
     shodan-query: title:"Sign In - Airflow"
   tags: panel,apache,airflow,admin

exposed-panels/ambari-exposure.yaml

@@ -3,12 +3,11 @@ id: ambari-exposure
 info:
   name: Apache Ambari Exposure Admin Login Panel
   author: pdteam
-  severity: medium
+  severity: info
   description: An Apache Ambari panel was discovered.
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 0.0
-    cvss-score: 5.3
+    cwe-id: CWE-668
-    cwe-id: CWE-200
   tags: panel,apache,ambari,exposure
 
 requests:

exposed-panels/avantfax-panel.yaml

@@ -8,9 +8,8 @@ info:
   reference:
     - http://www.avantfax.com/
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 0.0
-    cvss-score: 5.3
+    cwe-id: CWE-668
-    cwe-id: CWE-200
   metadata:
     shodan-query: http.title:"AvantFAX - Login"
   tags: panel,avantfax,login

exposed-panels/codemeter-webadmin-panel.yaml

@@ -3,12 +3,11 @@ id: codemeter-webadmin-panel
 info:
   name: CodeMeter - WebAdmin Panel Access
   author: Techryptic (@Tech)
-  severity: high
+  severity: info
   description: CodeMeter WebAdmin panel was accessed.
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 0.0
-    cvss-score: 5.3
+    cwe-id: CWE-668
-    cwe-id: CWE-200
   tags: codemeter,webadmin,panel
 
 requests:

exposed-panels/epson-access-detect.yaml

@@ -3,16 +3,14 @@ id: epson-access-detect
 info:
   name: Epson Device Unauthorized Access Detect
   author: pussycat0x
-  severity: medium
+  severity: info
   description: A publicly available Epson device panel (printer, scanner, etc.) was detected.
   reference:
     - https://www.exploit-db.com/ghdb/6922
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
+    cvss-score: 0.0
-    cvss-score: 5.8
+    cwe-id: CWE-668
-    cwe-id: CWE-522
   tags: iot,printer,panel,unauth,epson,edb
-
 requests:
   - method: GET
     path:

exposed-panels/open-virtualization-manager-panel.yaml

@@ -4,15 +4,13 @@ info:
   name: Open Virtualization Userportal & Webadmin Panel Detection
   author: idealphase
   severity: info
-  description: Open Virtualization Userportal & Webadmin panels were detected. Open Virtualization Manager is an open-source distributed virtualization solution designed to manage enterprise infrastructure. oVirt
+  description: Open Virtualization Userportal & Webadmin panels were detected. Open Virtualization Manager is an open-source distributed virtualization solution designed to manage enterprise infrastructure. oVirt uses the trusted KVM hypervisor and is built upon several other community projects, including libvirt, Gluster, PatternFly, and Ansible.
-    uses the trusted KVM hypervisor and is built upon several other community projects, including libvirt, Gluster, PatternFly, and Ansible.
   reference:
     - https://www.ovirt.org/
     - https://www.ovirt.org/dropped/admin-guide/virt/console-client-resources.html
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 0.0
-    cvss-score: 5.3
+    cwe-id: CWE-668
-    cwe-id: CWE-200
   metadata:
     shodan-query: title:"Ovirt-Engine"
     google-query: intitle:"Ovirt-Engine"

exposed-panels/qnap/qnap-qts-panel.yaml

@@ -12,7 +12,6 @@ info:
     verified: true
     shodan-query: product:"QNAP"
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
     cvss-score: 0.0
     cwe-id: CWE-200
   tags: panel,qnap,qts

exposed-panels/sicom-panel.yaml

@@ -3,12 +3,11 @@ id: sicom-mgrng-login
 info:
   name: Sicom MGRNG - Administrative Login Found
   author: sullo
-  severity: low
+  severity: info
   description: |
     Sicom MGRNG administrative login page found.
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 0.0
-    cvss-score: 3.7
     cwe-id: CWE-668
   tags: sicom,mgrng,panel
 

exposed-panels/tenda-11n-wireless-router-login.yaml

@@ -12,9 +12,8 @@ info:
     shodan-query: http.title:"Tenda 11N Wireless Router Login Screen"
     google-query: intitle:"Tenda 11N Wireless Router Login Screen"
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
     cvss-score: 0.0
-    cwe-id: CWE-419
+    cwe-id: CWE-668
   tags: panel,tenda
 
 requests:

misconfiguration/teamcity/teamcity-guest-login-enabled.yaml

@@ -3,7 +3,7 @@ id: teamcity-guest-login-enabled
 info:
   name: JetBrains TeamCity - Guest User Access Enabled
   author: Ph33r
-  severity: info
+  severity: high
   description: |
     TeamCity provides the ability to turn on the guest login allowing anonymous access to the TeamCity UI.
   reference:

technologies/elfinder-detect.yaml

@@ -6,7 +6,6 @@ info:
   description: An elFinder implementation was discovered.
   severity: info
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
     cvss-score: 0.0
     cwe-id: CWE-200
   tags: tech,elfinder

vulnerabilities/ibm/ibm-infoprint-lfi.yaml

@@ -3,7 +3,7 @@ id: ibm-infoprint-lfi
 info:
   name: IBM InfoPrint 4247-Z03 Impact Matrix Printer - Local File Inclusion
   author: harshbothra_
-  severity: medium
+  severity: high
   description: IBM InfoPrint 4247-Z03 Impact Matrix Printer is subject to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/47835

vulnerabilities/other/carel-bacnet-gateway-traversal.yaml

@@ -3,7 +3,7 @@ id: carel-bacnet-gateway-traversal
 info:
   name: Carel pCOWeb HVAC BACnet Gateway 2.1.0 - Local File Inclusion
   author: gy741
-  severity: medium
+  severity: high
   description: Carel pCOWeb HVAC BACnet Gateway 2.1.0 is vulnerable to local file inclusion because of input passed through the 'file' GET parameter through the 'logdownload.cgi' Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.
   reference:
     - https://www.zeroscience.mk/codes/carelpco_dir.txt

vulnerabilities/other/finereport-path-traversal.yaml

@@ -3,7 +3,7 @@ id: finereport-path-traversal
 info:
   name: FineReport 8.0 - Local File Inclusion
   author: pikpikcu
-  severity: medium
+  severity: high
   description: FIneReport  8.0 is vulnerable to local file inclusion.
   reference:
     - http://foreversong.cn/archives/1378

vulnerabilities/other/geovision-geowebserver-xss.yaml

@@ -3,7 +3,7 @@ id: geowebserver-xss
 info:
   name: GeoVision Geowebserver 5.3.3 - Cross-Site Scripting
   author: madrobot
-  severity: medium
+  severity: high
   description: GeoVision Geowebserver 5.3.3 and prior versions are vulnerable to several cross-site scripting / HTML injection / local file inclusion / XML injection / code execution vectors because the application fails to properly sanitize user requests.
   reference:
     - https://packetstormsecurity.com/files/163860/geovisiongws533-lfixssxsrfexec.txt

vulnerabilities/other/hjtcloud-rest-arbitrary-file-read.yaml

@@ -3,7 +3,7 @@ id: hjtcloud-rest-arbitrary-file-read
 info:
   name: HJTcloud - Local File Inclusion
   author: pikpikcu
-  severity: low
+  severity: high
   description: HJTcloud is vulnerable to local file inclusion.
   reference:
     - https://mp.weixin.qq.com/s/w2pkj5ADN7b5uxe-wmfGbw

vulnerabilities/other/kingdee-eas-directory-traversal.yaml

@@ -3,7 +3,7 @@ id: kingdee-eas-directory-traversal
 info:
   name: Kingdee EAS - Local File Inclusion
   author: ritikchaddha
-  severity: medium
+  severity: high
   description: Kingdee EAS OA server_file is vulnerable to local file inclusion and can allow attackers to obtain sensitive server information.
   reference:
     - https://github.com/nu0l/poc-wiki/blob/main/%E9%87%91%E8%9D%B6OA%20server_file%20%E7%9B%AE%E5%BD%95%E9%81%8D%E5%8E%86%E6%BC%8F%E6%B4%9E.md

vulnerabilities/other/magicflow-lfi.yaml

@@ -3,7 +3,7 @@ id: magicflow-lfi
 info:
   name: MagicFlow - Local File Inclusion
   author: gy741
-  severity: critical
+  severity: high
   description: |
     MagicFlow is susceptible to local file inclusion vulnerabilities because it allows remote unauthenticated users to access locally stored files on the server and return their content via the '/msa/main.xp' endpoint and the 'Fun' parameter.
   reference:

vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml

@@ -3,7 +3,7 @@ id: nginx-merge-slashes-path-traversal
 info:
   name: Nginx Server - Local File Inclusion
   author: dhiyaneshDk
-  severity: medium
+  severity: high
   description: Nginx server is vulnerable to local file inclusion.
   reference:
     - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/nginx-merge-slashes-path-traversal.json

vulnerabilities/other/pmb-directory-traversal.yaml

@@ -3,7 +3,7 @@ id: pmb-directory-traversal
 info:
   name: PMB 5.6 - Local File Inclusion
   author: geeknik
-  severity: medium
+  severity: high
   description: PMB 5.6 is vulnerable to local file inclusion because the PMB Gif Image is not sanitizing the content of the 'chemin' parameter.
   reference:
     - https://packetstormsecurity.com/files/160072/PMB-5.6-Local-File-Disclosure-Directory-Traversal.html

vulnerabilities/other/symantec-messaging-gateway.yaml

@@ -3,7 +3,7 @@ id: symantec-messaging-gateway
 info:
   name: Symantec Messaging Gateway <=10.6.1 - Local File Inclusion
   author: Random_Robbie
-  severity: medium
+  severity: high
   description: Symantec Messaging Gateway 10.6.1 and prior are vulnerable to local file inclusion.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

vulnerabilities/other/unauth-spark-api.yaml

@@ -3,7 +3,7 @@ id: unauth-spark-api
 info:
   name: Unauthenticated Spark REST API
   author: princechaddha
-  severity: medium
+  severity: critical
   description: The Spark product's REST API interface allows access to unauthenticated users.
   reference:
     - https://xz.aliyun.com/t/2490

vulnerabilities/simplecrm/simple-crm-sql-injection.yaml

@@ -3,7 +3,7 @@ id: simple-crm-sql-injection
 info:
   name: Simple CRM 3.0 SQL Injection and Authentication Bypass
   author: geeknik
-  severity: high
+  severity: critical
   description: Simple CRM 3.0 is susceptible to SQL injection and authentication bypass vulnerabilities.
   reference:
     - https://packetstormsecurity.com/files/163254/simplecrm30-sql.txt

vulnerabilities/weaver/ecology/ecology-filedownload-directory-traversal.yaml

@@ -3,7 +3,7 @@ id: ecology-filedownload-directory-traversal
 info:
   name: Ecology - Local File Inclusion
   author: princechaddha
-  severity: medium
+  severity: high
   description: Ecology is vulnerable to local file inclusion.
   metadata:
     fofa-query: app="泛微-协同办公OA"

vulnerabilities/weaver/ecology/ecology-springframework-directory-traversal.yaml

@@ -3,7 +3,7 @@ id: ecology-springframework-directory-traversal
 info:
   name: Ecology Springframework - Local File Inclusion
   author: princechaddha
-  severity: medium
+  severity: high
   description: Ecology Springframework is vulnerable to local file inclusion.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

vulnerabilities/wordpress/my-chatbot-xss.yaml

@@ -3,7 +3,7 @@ id: my-chatbot-xss
 info:
   name: WordPress My Chatbot <= 1.1 - Reflected Cross-Site Scripting
   author: dhiyaneshDk
-  severity: medium
+  severity: high
   description: WordPress My Chatbot <= 1.1  is susceptible to cross-site scripting. The plugin does not sanitize or escape its tab parameter in the Settings page before outputting it back in an attribute.
   reference:
     - https://wpscan.com/vulnerability/c0b6f63b-95d1-4782-9554-975d6d7bbd3d

vulnerabilities/wordpress/wp-socialfit-xss.yaml

@@ -3,7 +3,7 @@ id: wp-socialfit-xss
 info:
   name: WordPress SocialFit - Cross-Site Scripting
   author: daffainfo
-  severity: medium
+  severity: high
   description: |
     WordPress SocialFit is vulnerable to a cross-site scripting vulnerability via the 'msg' parameter because it fails to properly sanitize user-supplied input.
   reference: