Remove blank cve-id fields from templates. (#4516)

* Remove blank cve-id fields from templates. Add cve-id to CVE-2022-0776.yaml * Fix classification spelling
2022-05-31 10:34:35 -04:00 · 2022-05-31 10:34:35 -04:00 · 88c150d2e0
parent 075c7449ff
commit 88c150d2e0
45 changed files with 2 additions and 44 deletions
--- a/cnvd/2020/CNVD-2020-46552.yaml
+++ b/cnvd/2020/CNVD-2020-46552.yaml
@ -12,7 +12,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: cnvd,cnvd2020,sangfor,rce

--- a/cves/2022/CVE-2022-0776.yaml
+++ b/cves/2022/CVE-2022-0776.yaml
@ -9,6 +9,8 @@ info:
    - https://hackerone.com/reports/691977
    - https://github.com/hakimel/reveal.js/pull/3137
    - https://huntr.dev/bounties/be2b7ee4-f487-42e1-874a-6bcc410e4001/
+  classification:
+    cve-id: CVE-2022-0776
  tags: cve,cve2022,headless,postmessage,revealjs

 headless:
--- a/exposures/configs/laravel-env.yaml
+++ b/exposures/configs/laravel-env.yaml
@ -12,7 +12,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
-    cve-id:
    cwe-id: CWE-522
  tags: config,exposure,laravel

--- a/fuzzing/wordpress-weak-credentials.yaml
+++ b/fuzzing/wordpress-weak-credentials.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
    cvss-score: 5.8
-    cve-id:
    cwe-id: CWE-522
  tags: wordpress,default-login,fuzz

--- a/iot/qvisdvr-deserialization-rce.yaml
+++ b/iot/qvisdvr-deserialization-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: qvisdvr,rce,deserialization,jsf,iot

--- a/network/vsftpd-detection.yaml
+++ b/network/vsftpd-detection.yaml
@ -10,7 +10,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-78
  remediation: This backdoor was removed on July 3rd, 2011.
  tags: network,vsftpd,ftp,backdoor
--- a/vulnerabilities/apache/apache-flink-unauth-rce.yaml
+++ b/vulnerabilities/apache/apache-flink-unauth-rce.yaml
@ -12,7 +12,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: apache,flink,rce,intrusive,unauth

--- a/vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml
+++ b/vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml
@ -13,7 +13,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  remediation: Upgrade to Apache OFBiz version 8.12.03 or later.
  tags: ofbiz,oast,log4j,rce,apache,jndi
--- a/vulnerabilities/apache/apache-solr-log4j-rce.yaml
+++ b/vulnerabilities/apache/apache-solr-log4j-rce.yaml
@ -14,7 +14,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: solr,oast,log4j,rce,apache,jndi

--- a/vulnerabilities/code42/code42-log4j-rce.yaml
+++ b/vulnerabilities/code42/code42-log4j-rce.yaml
@ -16,7 +16,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: jndi,log4j,rce,cve,cve2021,oast,code42

--- a/vulnerabilities/fastjson/fastjson-1-2-24-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-24-rce.yaml
@ -12,7 +12,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: fastjson,rce,deserialization,oast

--- a/vulnerabilities/fastjson/fastjson-1-2-41-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-41-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: fastjson,rce,deserialization,oast

--- a/vulnerabilities/fastjson/fastjson-1-2-42-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-42-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: fastjson,rce,deserialization,oast

--- a/vulnerabilities/fastjson/fastjson-1-2-43-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-43-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: fastjson,rce,deserialization,oast

--- a/vulnerabilities/fastjson/fastjson-1-2-47-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-47-rce.yaml
@ -13,7 +13,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: fastjson,rce,deserialization,oast

--- a/vulnerabilities/fastjson/fastjson-1-2-62-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-62-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: fastjson,rce,deserialization,oast

--- a/vulnerabilities/fastjson/fastjson-1-2-67-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-67-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: fastjson,rce,deserialization,oast

--- a/vulnerabilities/fastjson/fastjson-1-2-68-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-68-rce.yaml
@ -12,7 +12,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: fastjson,rce,deserialization,oast

--- a/vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml
+++ b/vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml
@ -12,7 +12,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: rce,jndi,log4j,jamf

--- a/vulnerabilities/jenkins/jenkins-script.yaml
+++ b/vulnerabilities/jenkins/jenkins-script.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: jenkins,rce,devops

--- a/vulnerabilities/joomla/rusty-joomla.yaml
+++ b/vulnerabilities/joomla/rusty-joomla.yaml
@ -12,7 +12,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: joomla,rce,unauth,php,cms,objectinjection

--- a/vulnerabilities/metersphere/metersphere-plugin-rce.yaml
+++ b/vulnerabilities/metersphere/metersphere-plugin-rce.yaml
@ -12,7 +12,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: metersphere,rce,intrusive

--- a/vulnerabilities/other/WSO2-2019-0598.yaml
+++ b/vulnerabilities/other/WSO2-2019-0598.yaml
@ -13,7 +13,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
    cvss-score: 6.8
-    cve-id:
    cwe-id: CWE-918
  tags: ssrf,wso2,shindig

--- a/vulnerabilities/other/clockwatch-enterprise-rce.yaml
+++ b/vulnerabilities/other/clockwatch-enterprise-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: clockwatch,rce,network

--- a/vulnerabilities/other/icewarp-webclient-rce.yaml
+++ b/vulnerabilities/other/icewarp-webclient-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: icewarp,rce

--- a/vulnerabilities/other/lotuscms-rce.yaml
+++ b/vulnerabilities/other/lotuscms-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: lotuscms,rce

--- a/vulnerabilities/other/maccmsv10-backdoor.yaml
+++ b/vulnerabilities/other/maccmsv10-backdoor.yaml
@ -10,7 +10,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: maccmsv10,rce,backdoor

--- a/vulnerabilities/other/magicflow-lfi.yaml
+++ b/vulnerabilities/other/magicflow-lfi.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
    cvss-score: 8.6
-    cve-id:
    cwe-id: CWE-22
  tags: magicflow,lfi

--- a/vulnerabilities/other/mirai-unknown-rce.yaml
+++ b/vulnerabilities/other/mirai-unknown-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: mirai,rce,oast

--- a/vulnerabilities/other/natshell-rce.yaml
+++ b/vulnerabilities/other/natshell-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: natshell,rce

--- a/vulnerabilities/other/netgear-router-exposure.yaml
+++ b/vulnerabilities/other/netgear-router-exposure.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
-    cve-id:
    cwe-id: CWE-200
  tags: netgear,exposure,iot,router

--- a/vulnerabilities/other/nuuo-nvrmini2-rce.yaml
+++ b/vulnerabilities/other/nuuo-nvrmini2-rce.yaml
@ -13,7 +13,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: rce,nuuo,nvrmini

--- a/vulnerabilities/other/oa-tongda-path-traversal.yaml
+++ b/vulnerabilities/other/oa-tongda-path-traversal.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: tongda,lfi

--- a/vulnerabilities/other/opensns-rce.yaml
+++ b/vulnerabilities/other/opensns-rce.yaml
@ -12,7 +12,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: opensns,rce

--- a/vulnerabilities/other/oracle-fatwire-lfi.yaml
+++ b/vulnerabilities/other/oracle-fatwire-lfi.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
    cvss-score: 8.6
-    cve-id:
    cwe-id: CWE-22
  tags: lfi,oracle,fatwire

--- a/vulnerabilities/other/php-zerodium-backdoor-rce.yaml
+++ b/vulnerabilities/other/php-zerodium-backdoor-rce.yaml
@ -12,7 +12,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: php,backdoor,rce,zerodium

--- a/vulnerabilities/other/powercreator-cms-rce.yaml
+++ b/vulnerabilities/other/powercreator-cms-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: rce,powercreator,intrusive

--- a/vulnerabilities/other/qi-anxin-netkang-next-generation-firewall-rce.yaml
+++ b/vulnerabilities/other/qi-anxin-netkang-next-generation-firewall-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: rce,firewall,intrusive

--- a/vulnerabilities/other/qihang-media-disclosure.yaml
+++ b/vulnerabilities/other/qihang-media-disclosure.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
-    cve-id:
    cwe-id: CWE-522
  tags: qihang,exposure

--- a/vulnerabilities/other/sangfor-ba-rce.yaml
+++ b/vulnerabilities/other/sangfor-ba-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  metadata:
    verified: true
--- a/vulnerabilities/other/sar2html-rce.yaml
+++ b/vulnerabilities/other/sar2html-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: sar2html,rce,oast

--- a/vulnerabilities/other/seowon-router-rce.yaml
+++ b/vulnerabilities/other/seowon-router-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: rce,seowon,router,unauth,iot

--- a/vulnerabilities/other/showdoc-file-upload-rce.yaml
+++ b/vulnerabilities/other/showdoc-file-upload-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: rce,fileupload,showdoc,oss,intrusive

--- a/vulnerabilities/other/sonicwall-sslvpn-shellshock.yaml
+++ b/vulnerabilities/other/sonicwall-sslvpn-shellshock.yaml
@ -12,7 +12,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: shellshock,sonicwall,rce,vpn

--- a/vulnerabilities/other/sponip-network-system-ping-rce.yaml
+++ b/vulnerabilities/other/sponip-network-system-ping-rce.yaml
@ -11,7 +11,6 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
-    cve-id:
    cwe-id: CWE-77
  tags: sponip,rce,oast,network