Hub Appsec rule

More info

vpatch-CVE-2021-26086 AppSec Rule

« vpatch-CVE-2021-26086 »
v0.1 by crowdsecurity
AppSec rule

Atlassian Jira Server/Data Center 8.4.0 - Limited Remote File Read/Include (CVE-2021-26086)

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2021-26086

YAML Configuration

1name: crowdsecurity/vpatch-CVE-2021-26086
2description: "Atlassian Jira Server/Data Center 8.4.0 - Limited Remote File Read/Include (CVE-2021-26086)"
3rules:
4  - or:
5      - zones:
6          - URI
7        transform:
8          - lowercase
9        match:
10          type: contains
11          value: /;/web-inf/
12      - zones:
13          - URI
14        transform:
15          - lowercase
16        match:
17          type: contains
18          value: /;/meta-inf/
19
20labels:
21   type: exploit
22   service: http
23   confidence: 3
24   spoofable: 0
25   behavior: "http:exploit"
26   label: "Atlassian Jira Server/Data Center 8.4.0 File Read"
27   references:
28    - https://github.com/ColdFusionX/CVE-2021-26086
29    - https://nvd.nist.gov/vuln/detail/CVE-2021-26086
30   classification:
31     - cve.CVE-2021-26086
32     - CWE.22
33     - attack.T1595
34     - attack.T1190

Hub Appsec rule

« vpatch-CVE-2021-26086 »v0.1 by crowdsecurityAppSec rule

« vpatch-CVE-2021-26086 »
v0.1 by crowdsecurity
AppSec rule