id: ibm-security-access-manager

info:
  name: IBM Security Access Manager Login Panel - Detect
  author: geeknik
  severity: info
  description: IBM Security Access Manager login panel was detected.
  reference:
    - https://www.ibm.com/docs/en/sva/9.0.7?topic=overview-introduction-security-access-manager
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0
    cwe-id: CWE-200
  metadata:
    vendor: ibm
    product: security_access_manager
    max-request: 1
  tags: panel,ibm

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: or
    matchers:
      - type: word
        words:
          - "<title>IBM Security Access Manager</title>"
        part: body

      - type: word
        words:
          - "IBM Security Access Manager for Web"
        part: header

      - type: word
        words:
          - "/mga/sps/authsvc/policy/forgot_username"
          - "/mga/sps/authsvc/policy/forgot_password"
        part: body
        condition: and
# digest: 4a0a00473045022078427379f29c01380dcecd107afe4c790050956bbbd145326a9b98d955dcab79022100dcd7ac3aca664ff606cb9bc547dc5d82b2c1d3f7701caec32c7624849b2e5cb0:922c64590222798bb761d5b6d8e72950