From 8b387fc9feef423f262b32d039d6702dd33d648b Mon Sep 17 00:00:00 2001
From: Amitai Cohen <71866656+korniko98@users.noreply.github.com>
Date: Tue, 26 Dec 2023 13:42:53 +0200
Subject: [PATCH] Delete vulnerabilities/azure-waf-bypass.yaml
---
vulnerabilities/azure-waf-bypass.yaml | 31 ---------------------------
1 file changed, 31 deletions(-)
delete mode 100644 vulnerabilities/azure-waf-bypass.yaml
diff --git a/vulnerabilities/azure-waf-bypass.yaml b/vulnerabilities/azure-waf-bypass.yaml
deleted file mode 100644
index a66e745d..00000000
--- a/vulnerabilities/azure-waf-bypass.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-title: Azure WAF managed rule set globbing pattern bypass
-slug: azure-waf-bypass
-cves: null
-affectedPlatforms:
-- Azure
-affectedServices:
-- Azure WAF
-image: https://images.pexels.com/photos/1662298/pexels-photo-1662298.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=2
-severity: Medium
-discoveredBy:
- name: Divyanshu Shukla
- org: null
- domain: https://justm0rph3u5.medium.com
- twitter: justm0rph3u5
-publishedAt: 2022/07/01
-disclosedAt: 2021/06/24
-exploitabilityPeriod: until July 16th, 2021
-knownITWExploitation: false
-summary: |
- Azure Web Application Firewall (WAF) with OWASP 3.2 managed rule set and below was
- vulnerable to command injection bypass using globbing patterns (incorporating the
- wildcard "?" in command syntax). For example, while attempting access to "/etc/passwd"
- would be blocked, a command targeting "/et?/passwo?d" would be allowed.
-manualRemediation: |
- None required
-detectionMethods: null
-contributor: https://github.com/justmorpheus
-references:
-- https://medium.com/secjuice/waf-evasion-techniques-718026d693d8
-- https://medium.com/bugbountywriteup/module-1-introduction-pentesting-bypassing-cloud-waf-fun-profit-75f315951aa8
-- https://twitter.com/justm0rph3u5/status/1542943538857799680