Enhancement: vulnerabilities/other/unifi-network-log4j-rce.yaml by mp

2022-06-03 09:56:11 -04:00 · 2022-06-03 09:56:11 -04:00 · ec4c05e431
parent fc61a00bf3
commit ec4c05e431
1 changed files with 9 additions and 2 deletions
--- a/vulnerabilities/other/unifi-network-log4j-rce.yaml
+++ b/vulnerabilities/other/unifi-network-log4j-rce.yaml
@ -1,15 +1,20 @@
 id: unifi-network-log4j-rce

 info:
-  name: UniFi Network Log4j JNDI RCE
+  name: UniFi Network Application - Remote Code Execution (Log4j)
  author: KrE80r
  severity: critical
-  description: A critical vulnerability in Apache Log4j identified by CVE-2021-44228 has been publicly disclosed that may allow for remote code execution in an impacted UniFi Network Application .
+  description: UniFi Network Application is susceptible to a critical vulnerability in Apache Log4j (CVE-2021-44228) that may allow for remote code execution in an impacted implementation.
  reference:
    - https://community.ui.com/releases/UniFi-Network-Application-6-5-55/48c64137-4a4a-41f7-b7e4-3bee505ae16e
    - https://twitter.com/sprocket_ed/status/1473301038832701441
  metadata:
    shodan-query: http.title:"UniFi Network"
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cve-id:
+    cwe-id: CWE-77
  tags: rce,log4j,ubnt,unifi,oast,jndi

 requests:
@ -41,3 +46,5 @@ requests:
        group: 1
        regex:
          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'   # Print extracted ${hostName} in output
+
+# Enhanced by mp on 2022/06/03