Alfresco CMS Detection

What is the "Alfresco CMS Detection?"

The "Alfresco CMS Detection" module is designed to detect the presence of Alfresco CMS (Content Management System) and provide information about its configuration. Alfresco CMS is a popular open-source platform used for document management and collaboration. This module focuses on identifying potential misconfigurations or vulnerabilities within the Alfresco CMS installation.

This module has an informative severity level, which means it provides valuable insights and recommendations but does not indicate an immediate security threat.

This module was authored by pathtaga.

Impact

The impact of the "Alfresco CMS Detection" module is primarily informational. It helps users identify potential issues or weaknesses in their Alfresco CMS setup, allowing them to take appropriate actions to enhance security and optimize their configuration.

How does the module work?

The "Alfresco CMS Detection" module utilizes HTTP request templates and matching conditions to identify the presence of Alfresco CMS. It sends a GET request to the "/alfresco/api/-default-/public/cmis/versions/1.1/atom" endpoint and applies two matching conditions:

- The response body must contain the string "org/alfresco/api/opencmis/OpenCMIS.get". - The response header must include the string "application/json".

If both conditions are met, the module considers Alfresco CMS to be detected.

By analyzing the HTTP response, the module can determine if Alfresco CMS is present and potentially provide additional metadata or details about the installation.

It's important to note that this module only performs a single test case and does not actively exploit any vulnerabilities or modify the target system.

For more information about Alfresco CMS, you can visit their official website: https://www.alfresco.com/.

Metadata: max-request: 1