UI: Remove Drupal exploiter references
This commit is contained in:
parent
7eddee251e
commit
ffbf0f440e
|
@ -24,7 +24,6 @@ import {struts2IssueOverview, struts2IssueReport} from './security/issues/Struts
|
|||
import {webLogicIssueOverview, webLogicIssueReport} from './security/issues/WebLogicIssue';
|
||||
import {hadoopIssueOverview, hadoopIssueReport} from './security/issues/HadoopIssue';
|
||||
import {mssqlIssueOverview, mssqlIssueReport} from './security/issues/MssqlIssue';
|
||||
import {drupalIssueOverview, drupalIssueReport} from './security/issues/DrupalIssue';
|
||||
import {wmiPasswordIssueReport, wmiPthIssueReport} from './security/issues/WmiIssue';
|
||||
import {sshKeysReport, shhIssueReport, sshIssueOverview} from './security/issues/SshIssue';
|
||||
import {log4shellIssueOverview, log4shellIssueReport} from './security/issues/Log4ShellIssue';
|
||||
|
@ -98,11 +97,6 @@ class ReportPageComponent extends AuthComponent {
|
|||
[this.issueContentTypes.REPORT]: mssqlIssueReport,
|
||||
[this.issueContentTypes.TYPE]: this.issueTypes.DANGER
|
||||
},
|
||||
'DrupalExploiter': {
|
||||
[this.issueContentTypes.OVERVIEW]: drupalIssueOverview,
|
||||
[this.issueContentTypes.REPORT]: drupalIssueReport,
|
||||
[this.issueContentTypes.TYPE]: this.issueTypes.DANGER
|
||||
},
|
||||
'WmiExploiter': {
|
||||
[this.issueContentTypes.REPORT]: {
|
||||
[this.credentialTypes.PASSWORD]: wmiPasswordIssueReport,
|
||||
|
|
|
@ -1,24 +0,0 @@
|
|||
import React from 'react';
|
||||
import CollapsibleWellComponent from '../CollapsibleWell';
|
||||
|
||||
export function drupalIssueOverview() {
|
||||
return (<li>Drupal server/s are vulnerable to <a
|
||||
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6340">CVE-2019-6340</a>.</li>)
|
||||
}
|
||||
|
||||
export function drupalIssueReport(issue) {
|
||||
return (
|
||||
<>
|
||||
Upgrade Drupal server to versions 8.5.11, 8.6.10, or later.
|
||||
<CollapsibleWellComponent>
|
||||
Drupal server at <span className="badge badge-primary">{issue.machine}</span> (<span
|
||||
className="badge badge-info" style={{margin: '2px'}}>{issue.ip_address}</span>) is vulnerable to <span
|
||||
className="badge badge-danger">remote command execution</span> attack.
|
||||
<br/>
|
||||
The attack was made possible because the server is using an old version of Drupal, for which REST API is
|
||||
enabled. For possible workarounds, fixes and more info read
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6340">here</a>.
|
||||
</CollapsibleWellComponent>
|
||||
</>
|
||||
);
|
||||
}
|
Loading…
Reference in New Issue