daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

misc updates

patch-1
Prince Chaddha 2024-01-17 02:38:25 +05:30 committed by GitHub
parent 823cbcb226
commit 92d6bae318
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
http/cves/2023/CVE-2023-46805.yaml
View File

@ -7,6 +7,7 @@ info:
description: An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. description: An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
reference: reference:
- https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US - https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
- https://nvd.nist.gov/vuln/detail/CVE-2023-46805
classification: classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
cvss-score: 8.2 cvss-score: 8.2
@ -17,7 +18,7 @@ info:
vendor: ivanti vendor: ivanti
product: connect_secure product: connect_secure
shodan-query: html:"welcome.cgi?p=logo" shodan-query: html:"welcome.cgi?p=logo"
tags: cve,cve2023,kev,auth-bypass tags: cve,cve2023,kev,auth-bypass,ivanti
http: http:
- method: GET - method: GET