Update CVE-2020-2733.yaml

cves/2020/CVE-2020-2733.yaml

@@ -1,19 +1,21 @@
 id: CVE-2020-2733
 
 info:
-  name: JD Edwards EnterpriseOne Tools admin password not adequately protected
+  name: JD Edwards EnterpriseOne Tools - Admin Password Disclosure
   author: DhiyaneshDk,pussycat0x
   severity: critical
-  description: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools.
+  description: |
+    Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools.
   reference:
     - https://redrays.io/cve-2020-2733-jd-edwards/
     - https://www.oracle.com/security-alerts/cpuapr2020.html
     - https://nvd.nist.gov/vuln/detail/CVE-2020-2733
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2733
+  classification:
+    cve-id: CVE-2020-2733
   metadata:
     verified: true
-    shodan-query: product:"Oracle WebLogic Server"
+    shodan-query: port:8999 product:"Oracle WebLogic Server"
-  tags: cve,cve2020,oracle,weblogic
+  tags: cve,cve2020,oracle,weblogic,disclosure
 
 requests:
   - method: GET
@@ -26,7 +28,6 @@ requests:
         part: body
         words:
           - 'ACHCJK'
-        condition: and
 
       - type: word
         part: header