daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2015/CVE-2015-7450.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-05-10 11:23:38 -04:00
parent 287ab79277
commit 479e3c2b6b
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cves/2015/CVE-2015-7450.yaml
View File

@ -1,10 +1,10 @@
id: CVE-2015-7450 id: CVE-2015-7450
info: info:
name: IBM WebSphere Java Object Deserialization RCE name: IBM WebSphere Java Object Deserialization - Remote Code Execution
author: wdahlenb author: wdahlenb
severity: critical severity: critical
description: Websphere Application Server 7, 8, and 8.5 have a deserialization vulnerability in the SOAP Connector (port 8880 by default) description: "IBM Websphere Application Server 7, 8, and 8.5 have a deserialization vulnerability in the SOAP Connector (port 8880 by default)."
reference: reference:
- https://github.com/Coalfire-Research/java-deserialization-exploits/blob/main/WebSphere/websphere_rce.py - https://github.com/Coalfire-Research/java-deserialization-exploits/blob/main/WebSphere/websphere_rce.py
- https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/ - https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
@ -54,3 +54,5 @@ requests:
part: interactsh_protocol # Confirms the DNS Interaction part: interactsh_protocol # Confirms the DNS Interaction
words: words:
- "dns" - "dns"
# Enhanced by mp on 2022/05/10