Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Adobe AEM Installed OSGI Bundles" module is designed to detect misconfigurations in Adobe Experience Manager (AEM) installations. AEM is a content management system that allows organizations to create, manage, and deliver digital experiences across various channels.
This module focuses on identifying misconfigured OSGi bundles within AEM, which can potentially lead to security vulnerabilities. The severity of this module is classified as low, indicating that the detected misconfigurations may not pose an immediate threat but should still be addressed to ensure the overall security of the AEM installation.
This module was authored by dhiyaneshDk.
If misconfigured OSGi bundles are detected, it could indicate potential security weaknesses in the AEM installation. Attackers may exploit these vulnerabilities to gain unauthorized access, manipulate content, or disrupt the functionality of the system.
The "Adobe AEM Installed OSGI Bundles" module utilizes HTTP request templates and matching conditions to identify misconfigured OSGi bundles within AEM.
One example of an HTTP request used by this module is:
GET /bin.tidy.infinity.json
The module applies the following matching conditions:
- Matchers 1: Looks for the presence of specific words, such as"jcr:primaryType"
and "jcr:uuid"
, indicating the presence of OSGi bundles.
- Matchers 2: Verifies that the HTTP response status is 200, indicating a successful request.
If both matching conditions are met, the module identifies the presence of misconfigured OSGi bundles within the AEM installation.
For more information, you can refer to the reference provided.
Metadata: shodan-query: http.title:"AEM Sign In",http.component:"Adobe Experience Manager"