Dashboard Content Enhancements (#3958)

Dashboard Content Enhancements

default-logins/alibaba/canal-default-login.yaml

@@ -3,8 +3,16 @@ id: canal-default-login
 info:
   name: Alibaba Canal Default Login
   author: pdteam
+  description: An Alibaba Canal default login was discovered.
   severity: high
   tags: alibaba,default-login
+  reference:
+    - https://github.com/alibaba/canal/wiki/ClientAdapter
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cve-id:
+    cwe-id: CWE-522
 
 requests:
   - raw:
@@ -33,3 +41,5 @@ requests:
         words:
           - 'data":{"token"'
           - '"code":20000'
+
+# Enhanced by mp on 2022/03/22

default-logins/alphaweb/alphaweb-default-login.yaml

@@ -4,8 +4,15 @@ info:
   name: AlphaWeb XE Default Login
   author: Lark Lab
   severity: medium
+  description: An AlphaWeb XE default login was discovered.
   tags: default-login
-  reference: https://wiki.zenitel.com/wiki/AlphaWeb
+  reference:
+    - https://wiki.zenitel.com/wiki/AlphaWeb
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
+    cvss-score: 5.8
+    cve-id:
+    cwe-id: CWE-522
 
 requests:
   - raw:
@@ -32,4 +39,6 @@ requests:
 
       - type: status
         status:
-          - 200
+          - 200
+
+# Enhanced by mp on 2022/03/22

default-logins/ambari/ambari-default-login.yaml

@@ -3,8 +3,16 @@ id: ambari-default-login
 info:
   name: Apache Ambari Default Login
   author: pdteam
-  severity: medium
+  description: An Apache Ambari default admin login was discovered.
+  severity: high
   tags: ambari,default-login,apache
+  reference:
+    - https://ambari.apache.org/1.2.0/installing-hadoop-using-ambari/content/ambari-chap3-1.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cve-id:
+    cwe-id: CWE-522
 
 requests:
   - raw:
@@ -24,3 +32,5 @@ requests:
           - '"Users" : {'
           - 'AMBARI.'
         condition: and
+
+# Enhanced by mp on 2022/03/22

default-logins/apache/airflow-default-login.yaml

@@ -3,11 +3,18 @@ id: airflow-default-login
 info:
   name: Apache Airflow Default Login
   author: pdteam
-  severity: critical
+  severity: high
   tags: airflow,default-login,apache
-  reference: https://airflow.apache.org/docs/apache-airflow/stable/start/docker.html
+  description: An Apache Airflow default login was discovered.
+  reference:
+    - https://airflow.apache.org/docs/apache-airflow/stable/start/docker.html
   metadata:
     shodan-query: title:"Sign In - Airflow"
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cve-id:
+    cwe-id: CWE-522
 
 requests:
   - raw:
@@ -54,3 +61,5 @@ requests:
       - type: word
         words:
           - 'You should be redirected automatically to target URL: <a href="/">'
+
+# Enhanced by mp on 2022/03/22

default-logins/apache/apisix-default-login.yaml

@@ -1,14 +1,22 @@
 id: apisix-default-login
 
 info:
-  name: Apache Apisix Default Login
+  name: Apache Apisix Default Admin Login
   author: pdteam
-  severity: critical
+  severity: high
   tags: apisix,apache,default-login
+  description: An Apache Apisix default admin login was discovered.
   metadata:
     shodan-query: title:"Apache APISIX Dashboard"
     fofa-query: title="Apache APISIX Dashboard"
     product: https://apisix.apache.org
+  reference:
+    - https://apisix.apache.org/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cve-id:
+    cwe-id: CWE-522
 
 requests:
   - raw:
@@ -39,4 +47,6 @@ requests:
           - '"data"'
           - '"token"'
           - '"code":0'
-        condition: and
+        condition: and
+
+# Enhanced by mp on 2022/03/22

default-logins/apollo/apollo-default-login.yaml

@@ -4,10 +4,17 @@ info:
   name: Apollo Default Login
   author: PaperPen
   severity: high
+  description: An Apollo default login was discovered.
   metadata:
     shodan-query: http.favicon.hash:11794165
-  reference: https://github.com/apolloconfig/apollo
+  reference:
+    - https://github.com/apolloconfig/apollo
   tags: apollo,default-login
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cve-id:
+    cwe-id: CWE-522
 
 requests:
   - raw:
@@ -47,3 +54,5 @@ requests:
           - "status_code_1 == 302 && status_code_2 == 200"
           - "contains(tolower(all_headers_2), 'application/json')"
         condition: and
+
+# Enhanced by mp on 2022/03/22

default-logins/arl/arl-default-login.yaml

@@ -1,10 +1,16 @@
 id: arl-default-login
 
 info:
-  name: ARL Default Login
+  name: ARL Default Admin Login
   author: pikpikcu
+  description: An ARL default admin login was discovered.
   severity: high
   tags: arl,default-login
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cve-id:
+    cwe-id: CWE-522
 
 requests:
   - raw:
@@ -35,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/03/22

default-logins/digitalrebar/digitalrebar-default-login.yaml

@@ -1,11 +1,19 @@
 id: digitalrebar-default-login
 
 info:
-  name: RackN Digital Rebar provision default login
+  name: RackN Digital Rebar Default Login
   author: c-sh0
   severity: high
-  reference: https://docs.rackn.io/en/latest/doc/faq-troubleshooting.html?#what-are-the-default-passwords
+  description: A RackN Digital Rebar default login was discovered.
+  reference:
+    - https://docs.rackn.io/en/latest/doc/faq-troubleshooting.html?#what-are-the-default-passwords
+    - https://rackn.com/
   tags: rackn,digitalrebar,default-login
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cve-id:
+    cwe-id: CWE-522
 
 requests:
   - raw:
@@ -38,3 +46,5 @@ requests:
           - 'Name'
           - 'Secret'
         condition: and
+
+# Enhanced by mp on 2022/03/22

default-logins/mantisbt/mantisbt-default-credential.yaml

@@ -1,12 +1,20 @@
 id: mantisbt-default-credential
 
 info:
-  name: MantisBT Default Credential
+  name: MantisBT Default Admin Login
   author: For3stCo1d
   severity: high
+  description: A MantisBT default admin login was discovered.
+  reference:
+    - https://mantisbt.org/
   metadata:
     shodan-query: title:"MantisBT"
   tags: mantisbt,default-login
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cve-id:
+    cwe-id: CWE-522
 
 requests:
   - raw:
@@ -34,4 +42,6 @@ requests:
 
       - type: status
         status:
-          - 302
+          - 302
+
+# Enhanced by mp on 2022/03/22

default-logins/stackstorm/stackstorm-default-login.yaml

@@ -4,10 +4,17 @@ info:
   name: StackStorm Default Login
   author: PaperPen
   severity: high
+  description: A StackStorm default admin login was discovered.
   metadata:
     fofa-query: app="stackstorm"
-  reference: https://github.com/StackStorm/st2-docker
+  reference:
+    - https://github.com/StackStorm/st2-docker
   tags: stackstorm,default-login
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cve-id:
+    cwe-id: CWE-522
 
 requests:
   - raw:
@@ -35,4 +42,6 @@ requests:
 
       - type: status
         status:
-          - 201
+          - 201
+
+# Enhanced by mp on 2022/03/22

dns/caa-fingerprint.yaml

@@ -1,11 +1,18 @@
 id: caa-fingerprint
 
 info:
-  name: CAA Fingerprint
+  name: CAA Record
   author: pdteam
+  description: A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.
   severity: info
-  reference: https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record
+  reference:
+    - https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record
   tags: dns,caa
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cve-id:
+    cwe-id: CWE-200
 
 dns:
   - name: "{{FQDN}}"
@@ -22,4 +29,6 @@ dns:
         regex:
           - 'issue "(.*)"'
           - 'issuewild "(.*)"'
-          - 'iodef "(.*)"'
+          - 'iodef "(.*)"'
+
+# Enhanced by mp on 2022/03/22

exposed-panels/active-admin-exposure.yaml

@@ -4,7 +4,15 @@ info:
   name: ActiveAdmin Admin Dasboard Exposure
   author: pdteam
   severity: info
+  description: An ActiveAdmin Admin dashboard was discovered.
   tags: panel,activeadmin
+  reference:
+    - https://activeadmin.info/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cve-id:
+    cwe-id: CWE-200
 
 requests:
   - method: GET
@@ -16,3 +24,5 @@ requests:
           - "active_admin_content"
           - "active_admin-"
         condition: and
+
+# Enhanced by mp on 2022/03/22

exposed-panels/activemq-panel.yaml

@@ -4,7 +4,15 @@ info:
   name: Apache ActiveMQ Exposure
   author: pdteam
   severity: info
+  description: An Apache ActiveMQ implementation was discovered.
+  reference:
+    - https://activemq.apache.org/
   tags: panel,activemq,apache
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cve-id:
+    cwe-id: CWE-200
 
 requests:
   - method: GET
@@ -17,3 +25,5 @@ requests:
           - '<h2>Welcome to the Apache ActiveMQ!</h2>'
           - '<title>Apache ActiveMQ</title>'
         condition: and
+
+# Enhanced by mp on 2022/03/22