id: adiscon-loganalyzer info: name: Adiscon LogAnalyzer Detection author: geeknik severity: high description: Adiscon LogAnalyzer was discovered. Adiscon LogAnalyzer is a web interface to syslog and other network event data. It provides easy browsing and analysis of real-time network events and reporting services. reference: - https://loganalyzer.adiscon.com/ classification: cwe-id: CWE-200 tags: adiscon,loganalyzer,syslog,exposures requests: - method: GET path: - '{{BaseURL}}' matchers-condition: and matchers: - type: word part: body words: - 'Adiscon LogAnalyzer' - 'value="SYSLOG"' - 'value="EVTRPT"' - 'value="WEBLOG"' condition: and - type: status status: - 200 - type: word part: header words: - 'text/html' # Enhanced by mp on 2022/03/20