Severity and other cleanups

2023-02-02 18:05:19 -05:00 · 2023-02-02 18:05:19 -05:00 · fcd29bf40a
parent f9271d485a
commit fcd29bf40a
13 changed files with 35 additions and 21 deletions
--- a/cves/2018/CVE-2018-11409.yaml
+++ b/cves/2018/CVE-2018-11409.yaml
@ -4,7 +4,7 @@ info:
  name: Splunk <=7.0.1 - Information Disclosure
  author: harshbothra_
  severity: medium
-  description: Splunk through 7.0.1 is susceptible to information disclosure by appending __raw/services/server/info/server-info?output_mode=json to a query, as demonstrated by discovering a license key. An attacker can access sensitive information, modify data, and/or execute unauthorized operations.
+  description: Splunk through 7.0.1 is susceptible to information disclosure by appending __raw/services/server/info/server-info?output_mode=json to a query, as demonstrated by discovering a license key.
  reference:
    - https://github.com/kofa2002/splunk
    - https://www.exploit-db.com/exploits/44865/
--- a/cves/2019/CVE-2019-17503.yaml
+++ b/cves/2019/CVE-2019-17503.yaml
@ -4,7 +4,7 @@ info:
  name: Kirona Dynamic Resource Scheduler - Information Disclosure
  author: LogicalHunter
  severity: medium
-  description: Kirona Dynamic Resource Scheduler is susceptible to information disclosure. An unauthenticated user can directly access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd), which contains sensitive information through SQL queries, such as database version, table name, and column name.
+  description: Kirona Dynamic Resource Scheduler is susceptible to information disclosure. An unauthenticated user can directly access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd), which contains sensitive information with exposed SQL queries, such as database version, table name, and column name.
  reference:
    - https://www.exploit-db.com/exploits/47498
    - https://github.com/Ramikan/Vulnerabilities/blob/master/Kirona-DRS%205.5.3.5%20Multiple%20Vulnerabilities
--- a/cves/2019/CVE-2019-3401.yaml
+++ b/cves/2019/CVE-2019-3401.yaml
@ -29,4 +29,12 @@ requests:
          - '<title>Manage Filters - Jira</title>'
        condition: and

+# Remediation:
+# Ensure that this permission is restricted to specific groups that require it.
+# You can restrict it in Administration > System > Global Permissions.
+# Turning the feature off will not affect existing filters and dashboards.
+# If you change this setting, you will still need to update the existing filters and dashboards if they have already been
+# shared publicly.
+# Since Jira 7.2.10, a dark feature to disable site-wide anonymous access was introduced.
+
 # Enhanced by md on 2023/02/01
--- a/exposed-panels/adiscon-loganalyzer.yaml
+++ b/exposed-panels/adiscon-loganalyzer.yaml
@ -1,13 +1,13 @@
 id: adiscon-loganalyzer

 info:
-  name: Adiscon LogAnalyzer - Detect
+  name: Adiscon LogAnalyzer - Information Disclosure
  author: geeknik
-  severity: info
+  severity: high
  description: Adiscon LogAnalyzer was discovered. Adiscon LogAnalyzer is a web interface to syslog and other network event data. It provides easy browsing and analysis of real-time network events and reporting services.
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
    cwe-id: CWE-200
  reference:
    - https://loganalyzer.adiscon.com/
--- a/exposed-panels/beego-admin-dashboard.yaml
+++ b/exposed-panels/beego-admin-dashboard.yaml
@ -3,13 +3,14 @@ id: beego-admin-dashboard
 info:
  name: Beego Admin Dashboard Panel- Detect
  author: DhiyaneshDk
-  severity: info
+  severity: medium
  description: Beego Admin Dashboard panel was detected.
  reference:
+    - https://github.com/beego
    - https://twitter.com/shaybt12/status/1584112903577567234/photo/1
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
    cwe-id: CWE-200
  metadata:
    verified: true
--- a/exposed-panels/completeview-web-panel.yaml
+++ b/exposed-panels/completeview-web-panel.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  description: CompleteView panel was detected.
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
  metadata:
--- a/exposed-panels/connect-box-login.yaml
+++ b/exposed-panels/connect-box-login.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  description: Connect Box login panel was detected.
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
  metadata:
--- a/exposed-panels/grails-database-admin-console.yaml
+++ b/exposed-panels/grails-database-admin-console.yaml
@ -3,14 +3,15 @@ id: grails-database-admin-console
 info:
  name: Grails Admin Console Panel - Detect
  author: emadshanab
-  severity: info
+  severity: medium
  description: Grails Admin Console panel was detected.
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
    cwe-id: CWE-200
  reference:
    - https://www.acunetix.com/vulnerabilities/web/grails-database-console/
+    - http://h2database.com/html/quickstart.html#h2_console
  tags: grails,panel

 requests:
--- a/exposed-panels/machform-admin-panel.yaml
+++ b/exposed-panels/machform-admin-panel.yaml
@ -9,7 +9,8 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
-  reference: https://www.machform.com/
+  reference:
+    - https://www.machform.com/
  metadata:
    verified: true
    shodan-query: title:"MachForm Admin Panel"
--- a/exposed-panels/neo4j-browser.yaml
+++ b/exposed-panels/neo4j-browser.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  description: The Neo4j Browser has been detected.
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
  metadata:
--- a/exposed-panels/odoo-database-manager.yaml
+++ b/exposed-panels/odoo-database-manager.yaml
@ -3,11 +3,13 @@ id: odoo-database-manager
 info:
  name: Odoo Database Manager Panel - Detect
  author: __Fazal,R3dg33k
-  severity: info
-  description: Odoo database manager was discovered.
+  severity: critical
+  description: Odoo database manager was discovered and allows access to databases.
+  reference:
+    - https://www.odoo.com/
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
    cwe-id: CWE-200
  tags: panel,odoo

--- a/exposed-panels/sidekiq-dashboard.yaml
+++ b/exposed-panels/sidekiq-dashboard.yaml
@ -8,6 +8,7 @@ info:
  reference:
    - https://sidekiq.org
    - https://github.com/mperham/sidekiq
+    - https://github.com/mperham/sidekiq/wiki/Monitoring
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
--- a/exposed-panels/solr-exposure.yaml
+++ b/exposed-panels/solr-exposure.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  description: Apache Solr admin panel was detected.
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
  metadata: