Hub Appsec rule

More info

vpatch-CVE-2023-23752 AppSec Rule

« vpatch-CVE-2023-23752 »
v0.1 by crowdsecurity
AppSec rule

Joomla! Webservice - Password Disclosure (CVE-2023-23752)

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2023-23752

YAML Configuration

1name: crowdsecurity/vpatch-CVE-2023-23752
2description: "Joomla! Webservice - Password Disclosure (CVE-2023-23752)"
3rules:
4  - and:
5    - zones:
6      - URI
7      transform:
8      - lowercase
9      match:
10        type: regex
11        value: (/config/application|/users)$
12    - zones:
13      - ARGS
14      variables:
15      - public
16      transform:
17      - lowercase
18      match:
19        type: equals
20        value: "true"
21labels:
22  type: exploit
23  service: http
24  confidence: 3
25  spoofable: 0
26  behavior: "http:exploit"
27  label: "Joomla! Webservice - Password Disclosure"
28  classification:
29   - cve.CVE-2023-23752
30   - attack.T1595
31   - attack.T1190
32   - cwe.CWE-284
33   - cwe.CWE-266
34
35
36

Hub Appsec rule

« vpatch-CVE-2023-23752 »v0.1 by crowdsecurityAppSec rule

« vpatch-CVE-2023-23752 »
v0.1 by crowdsecurity
AppSec rule