Dashboard Content Enhancements (#4475)

Dashboard Content Enhancements

exposed-panels/circarlife-setup.yaml

@@ -1,12 +1,16 @@
 id: circarlife-setup
 
 info:
-  name: Exposed CirCarLife Setup Page
+  name: CirCarLife - Admin Panel Access
   author: geeknik
   severity: critical
-  description: CirCarLife is an internet-connected electric vehicle charging station
+  description: A CirCarLife admin panel was accessed. CirCarLife is an internet-connected electric vehicle charging station
   reference:
     - https://circontrol.com/
+  classification:
+    cvss-metrics: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-288
   tags: scada,circontrol,circarlife,setup,exposure,panel
 
 requests:
@@ -29,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/23

misconfiguration/unauthorized-plastic-scm.yaml

@@ -1,11 +1,16 @@
 id: unauthorized-plastic-scm
 
 info:
-  name: Unauthorized Access to Plastic Admin Console
+  name: Plastic Admin Console - Authentication Bypass
   author: DEENA
   severity: critical
+  description: A Plastic Admin console was discovered.
   reference:
     - https://infosecwriteups.com/story-of-google-hall-of-fame-and-private-program-bounty-worth-53559a95c468
+  classification:
+    cvss-metrics: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-288
   tags: plastic
 
 requests:
@@ -48,3 +53,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/23

network/ftp-weak-credentials.yaml

@@ -1,9 +1,15 @@
 id: ftp-weak-credentials
 
 info:
-  name: FTP Service with weak credentials
+  name: FTP Service - Credential Weakness
   author: pussycat0x
-  severity: critical
+  severity: high
+  description: An FTP service was accessed with easily guessed credentials.
+  reference:
+    - https://docs.microsoft.com/en-us/iis/configuration/system.applicationhost/sites/sitedefaults/ftpserver/security/authentication/
+  classification:
+    cvss-score: 8.5
+    cvss-metrics: 3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
   tags: network,ftp,default-login,service
 
 network:
@@ -33,3 +39,5 @@ network:
       - type: word
         words:
           - "230 Login successful"
+
+# Enhanced by mp on 2022/05/23

network/vsftpd-detection.yaml

@@ -1,11 +1,18 @@
 id: vsftpd-detection
 
 info:
-  name: VSFTPD v2.3.4 Backdoor Command Execution
+  name: VSFTPD 2.3.4 - Backdoor Command Execution
   author: pussycat0x
   severity: critical
+  description: VSFTPD 2.3.4 contains a backdoor command execution vulnerability.
   reference:
     - https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cve-id:
+    cwe-id: CWE-78
+  remediation: This backdoor was removed on July 3rd, 2011.
   tags: network,vsftpd,ftp,backdoor
 
 network:
@@ -20,3 +27,5 @@ network:
       - type: word
         words:
           - "vsFTPd 2.3.4"
+
+# Enhanced by mp on 2022/05/23

vulnerabilities/apache/apache-flink-unauth-rce.yaml

@@ -1,13 +1,19 @@
 id: apache-flink-unauth-rce
 
 info:
-  name: Apache Flink Unauth RCE
+  name: Apache Flink - Remote Code Execution
   author: pikpikcu
   severity: critical
-  reference:
+  description: Apache Flink
+  reference: Apache Flink contains an unauthenticated remote code execution vulnerability.
     - https://www.exploit-db.com/exploits/48978
     - https://adamc95.medium.com/apache-flink-1-9-x-part-1-set-up-5d85fd2770f3
     - https://github.com/LandGrey/flink-unauth-rce
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cve-id:
+    cwe-id: CWE-77
   tags: apache,flink,rce,intrusive,unauth
 
 requests:
@@ -40,3 +46,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/23