Merge pull request #2594 from push4d/CVE-2021-20114

Add files via upload
2021-09-06 17:52:37 +05:30 · 2021-09-06 17:52:37 +05:30 · c87a4b2022
parent 4075664390 54e5eea581
commit c87a4b2022
1 changed files with 29 additions and 0 deletions
--- a/cves/2021/CVE-2021-20114.yaml
+++ b/cves/2021/CVE-2021-20114.yaml
@ -0,0 +1,29 @@
+id: CVE-2021-20114
+
+info:
+  name: TCExam <= 14.8.1 Exposure of Sensitive Information to an Unauthorized Actor
+  author: push4d
+  severity: high
+  description: When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which included sensitive database backup files.
+  reference:
+    - https://es-la.tenable.com/security/research/tra-2021-32?tns_redirect=true
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-20114
+  tags: cve,cve2021,tcexam,disclosure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cache/backup/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of /cache/backup"
+          - "Parent Directory"
+          - ".sql.gz"
+        condition: and
+
+      - type: status
+        status:
+          - 200