Skip to content

New Module: Added Ivanti ICS CVE-2023-46805 Vuln #786

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
securestep9 merged 3 commits into from
Jan 18, 2024
Merged

New Module: Added Ivanti ICS CVE-2023-46805 Vuln #786

securestep9 merged 3 commits into from
Jan 18, 2024

Conversation

@jimmy-ly00
Copy link
Contributor

@jimmy-ly00 jimmy-ly00 commented Jan 16, 2024
edited
Loading

Checklist

  • I have followed the Contributor Guidelines.
  • The code has been thoroughly tested in my local development environment with flake8 and pylint.
  • The code is Python 3 compatible.
  • The code follows the PEP8 styling guidelines with 4 spaces indentation.
  • This Pull Request relates to only one issue or only one feature
  • I have referenced the corresponding issue number in my commit message
  • I have added the relevant documentation.
  • My branch is up-to-date with the Upstream master branch.

Changes proposed in this pull request

I have added a new module for a vuln module CVE-2023-46805. The detection method is from Watchtwr which states that if it 403 with empty content its not fixed. If it has content then the mitigation patch was applied. Currently, it does a reverse regex of it found content as I'm not able to work out how to define empty content.

python3 nettacker.py -i [target] -m ivanti_ics_cve_2023_46805_vuln --skip-service-discovery

Your development environment

  • OS: WSL Kali Linux
  • OS Version: Linux 5.15.90.1-microsoft-standard-WSL2
  • Python Version: Python 3.11.6

@securestep9
Copy link
Collaborator

securestep9 commented Jan 18, 2024

@jimmy-ly00 this module only checks for CVE-2023-46805 (auth bypass) - can you please rename it as we want one module in Nettacker to detect one CVE only.

@jimmy-ly00 jimmy-ly00 changed the title New Module: Added Ivanti ICS CVE-2023-46805 and CVE-2024-21887 Vuln New Module: Added Ivanti ICS CVE-2023-46805 Vuln Jan 18, 2024
@jimmy-ly00
Copy link
Contributor Author

jimmy-ly00 commented Jan 18, 2024

@jimmy-ly00 this module only checks for CVE-2023-46805 (auth bypass) - can you please rename it as we want one module in Nettacker to detect one CVE only.

Great point, I have modified it to be just CVE-2023-46805, please see again.

@securestep9 securestep9 added the new module pull request with new module(s) label Jan 18, 2024
@securestep9 securestep9 merged commit cfa711f into OWASP:master Jan 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@securestep9 securestep9 securestep9 approved these changes

Assignees

No one assigned

Labels

new module pull request with new module(s)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jimmy-ly00 @securestep9