From 750068a98d9cf35cf3818be51b47da8dcdaee46f Mon Sep 17 00:00:00 2001
From: E1A <57531297+E1A@users.noreply.github.com>
Date: Tue, 31 Oct 2023 13:08:32 +0100
Subject: [PATCH] Delete http/cves/2023/CVE-2023-20198.yaml
---
http/cves/2023/CVE-2023-20198.yaml | 25 -------------------------
1 file changed, 25 deletions(-)
delete mode 100644 http/cves/2023/CVE-2023-20198.yaml
diff --git a/http/cves/2023/CVE-2023-20198.yaml b/http/cves/2023/CVE-2023-20198.yaml
deleted file mode 100644
index 00388df909..0000000000
--- a/http/cves/2023/CVE-2023-20198.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-id: CVE-2023-20198
-info:
- name: Cisco IOS XE Privilege Esculation detection
- author: E1A & rxerium
- severity: critical
- description: |
- A vulnerability in the Web User Interface (Web UI) of Cisco IOS XE software allows an attacker to create an account on the affected device with privilege level 15 access, effectively granting them full control of the compromised device and allowing possible subsequent unauthorized activity.
- remediation: "Disable the HTTP server feature on internet-facing systems by running one of the following commands in global configuration mode: `no ip http server` or `no ip http secure-server`"
- reference:
- - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z
- - https://www.bleepingcomputer.com/news/security/cisco-warns-of-new-ios-xe-zero-day-actively-exploited-in-attacks/
- - https://socradar.io/cisco-warns-of-exploitation-of-a-maximum-severity-zero-day-vulnerability-in-ios-xe-cve-2023-20198/
- tags: cve,cve2023,cisco
-
-requests:
- - raw:
- - |+
- POST /webui/logoutconfirm.html?logon_hash=1 HTTP/1.1
- Host: {{Hostname}}
-
- matchers:
- - type: regex
- part: body
- regex:
- - '[0-9a-fA-F]+'
\ No newline at end of file