diff --git a/cves/2017/CVE-2017-7269.yaml b/cves/2017/CVE-2017-7269.yaml
index c417f2e3aa..d7bda567cc 100644
--- a/cves/2017/CVE-2017-7269.yaml
+++ b/cves/2017/CVE-2017-7269.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2017-7269
     cwe-id: CWE-119
-  tags: cve,cve2017,rce,windows
+  tags: cve,cve2017,rce,windows,iis
 
 requests:
   - method: OPTIONS
@@ -24,22 +24,21 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
-
       - type: word
+        part: header
         words:
           - "IIS/6.0"
-        part: header
 
       - type: dsl
+        part: header
         dsl:
           - regex("<DAV:sql>", dasl)    # lowercase header name: DASL
           - regex("[\d]+(,\s+[\d]+)?", dav)    # lowercase header name: DAV
           - regex(".*?PROPFIND", public)    # lowercase header name: Public
           - regex(".*?PROPFIND", allow)    # lowercase header name: Allow
         condition: or
-        part: header
 
+      - type: status
+        status:
+          - 200
 # Enhanced by mp on 2022/05/11