Enhancement: cves/2017/CVE-2017-10271.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-06-09 13:00:22 -04:00
parent a512cfc4b7
commit e63c22aed5
1 changed files with 5 additions and 3 deletions

@ -5,12 +5,12 @@ info:
author: dr_set,ImNightmaree
severity: high
description: |
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent - WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.
The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent - WLS Security) is susceptible to remote command execution. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. This easily exploitable vulnerability allows unauthenticated attackers with network access via T3 to compromise Oracle WebLogic Server.
reference:
- https://github.com/vulhub/vulhub/tree/fda47b97c7d2809660a4471539cd0e6dbf8fac8c/weblogic/CVE-2017-10271
- https://github.com/SuperHacker-liuan/cve-2017-10271-poc
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.securitytracker.com/id/1039608
- https://nvd.nist.gov/vuln/detail/CVE-2017-10271
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cvss-score: 7.5
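Review bot: the reworded description now calls the component "susceptible to remote command execution", but the classification block in this same hunk still carries `cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H` with `cvss-score: 7.5`, a vector that records no confidentiality or integrity impact. Someone triaging a hit from this template will see a command-execution finding scored as availability-only. Either note in the description that the vector is quoted as published, or reconcile the two so `severity: high` and the text tell the same story. Separately, the Oracle and SecurityTracker entries under `reference:` are plain `http://` links while the others are `https://`; switching them where the sites support it keeps the list consistent.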
@ -93,4 +93,6 @@ requests:
dsl:
- body == "{{randstr}}"
- status_code == 200
condition: and
condition: and
# Enhanced by mp on 2022/06/09
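Review bot: the trailing `# Enhanced by mp on 2022/06/09` comment puts authorship and date into the template body, where it will drift from the commit history that already records both; I would drop it or carry the attribution in the `info:` block next to `author:`. Also, `condition: and` appears twice at the end of this hunk with no visible difference between the two lines, so please confirm this is only an end-of-file newline change and that the indentation still places `condition: and` on the same matcher as the `dsl:` list holding `body == "{{randstr}}"` and `status_code == 200`; if the indentation changes and the key is no longer read on that matcher, the two expressions may stop being evaluated with `and`, which would let a bare 200 response match.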