id: sap-netweaver-portal info: name: SAP NetWeaver Portal - Detect author: organiccrap severity: info description: SAP NetWeaver Portal login has been detected. Note that NetWeaver has multiple default passwords as listed in the references. reference: - https://www.sap.com/products/technology-platform/netweaver.html - https://www.cisoplatform.com/profiles/blogs/sap-netweaver-abap-security-configuration-part-2-default classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 cpe: cpe:2.3:a:sap:netweaver_portal:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: sap product: netweaver_portal tags: panel,sap http: - method: GET path: - "{{BaseURL}}/irj/portal" matchers: - type: word words: - "SAP NetWeaver Portal" part: body # digest: 490a0046304402202b713afb211f14f699a152897ff548c0c9af66e0c310cc13b55e01c731b2c4c6022007b0aab97c09dc62c6526f405e23a5bf449b1af600883c0e082382ee847c8ab5:922c64590222798bb761d5b6d8e72950