id: ibm-security-access-manager

info:
  name: IBM Security Access Manager Login Panel - Detect
  author: geeknik
  severity: info
  description: IBM Security Access Manager login panel was detected.
  reference:
    - https://www.ibm.com/docs/en/sva/9.0.7?topic=overview-introduction-security-access-manager
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0
    cwe-id: CWE-200
  metadata:
    max-request: 1
  tags: panel,ibm

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: or
    matchers:
      - type: word
        words:
          - "<title>IBM Security Access Manager</title>"
        part: body

      - type: word
        words:
          - "IBM Security Access Manager for Web"
        part: header

      - type: word
        words:
          - "/mga/sps/authsvc/policy/forgot_username"
          - "/mga/sps/authsvc/policy/forgot_password"
        part: body
        condition: and

# digest: 490a0046304402203d849e436fde841e44ef926c7b92144f11fc259e2426647c93d0fe9cae892e2202200b58f4e5e7e48835c8c6e97fee93c8eb5624721d8c9b8568cc1529221e1f16aa:922c64590222798bb761d5b6d8e72950