minor-update

http/cves/2024/CVE-2024-36104.yaml

@@ -1,14 +1,29 @@
 id: CVE-2024-36104
 
 info:
-  name: Apache OFBiz Path Traversal to RCE (CVE-2024-36104)
+  name: Apache OFBiz - Path Traversal
   author: Co5mos
   severity: critical
   description: |
-    Apache OFBiz 18.12.14之前版本存在命令执行漏洞，该漏洞源于org.apache.ofbiz.webapp.control.ControlFilter类对路径（请求URL中的特殊字符（如 ；、%2e）限制不当导致攻击者能够绕过后台功能点的过滤器验证，并通过/webtools/control/ProgramExport接口的编程导出功能执行任意Groovy代码获取系统权限。
+    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.14. Users are recommended to upgrade to version 18.12.14, which fixes the issue.
+  reference:
+    - http://www.openwall.com/lists/oss-security/2024/06/03/1
+    - https://issues.apache.org/jira/browse/OFBIZ-13092
+    - https://lists.apache.org/thread/sv0xr8b1j7mmh5p37yldy9vmnzbodz2o
+    - https://ofbiz.apache.org/download.html
+    - https://ofbiz.apache.org/security.html
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
+    cvss-score: 9.1
+    cve-id: CVE-2024-36104
+    cwe-id: CWE-22
+    epss-score: 0.00045
+    epss-percentile: 0.16306
   metadata:
-    fofa-query: 'app="Apache_OFBiz"'
-  tags: rce,lfi,apache,ofbiz,cve,cve2024
+    verified: true
+    max-request: 1
+    fofa-query: app="Apache_OFBiz"
+  tags: cve,cve2024,apache,obiz,lfi
 
 http:
   - raw:
@@ -26,6 +41,11 @@ http:
         regex:
           - 'uid=\d+\(([^)]+)\) gid=\d+\(([^)]+)\)'
 
+      - type: word
+        part: body
+        words:
+          - 'java.lang.Exception'
+
       - type: status
         status:
           - 200