cAdvisor - Detect

What is "cAdvisor - Detect"?

The "cAdvisor - Detect" module is designed to detect misconfigurations in the cAdvisor software. cAdvisor is a container monitoring tool that provides information about resource usage and performance characteristics of running containers. This module focuses on identifying potential vulnerabilities or exposure in cAdvisor installations.

This module has a medium severity level, indicating that the detected misconfigurations could potentially lead to security risks if left unaddressed.

Author: DhiyaneshDk

Impact

If misconfigurations are detected by this module, it could indicate that the cAdvisor installation is not properly secured. This may allow unauthorized access or expose sensitive information, potentially leading to further security breaches or unauthorized actions.

How does the module work?

The "cAdvisor - Detect" module works by sending HTTP requests to the target cAdvisor installation and analyzing the responses based on predefined matching conditions. It checks for the presence of specific HTML elements, headers, and response statuses to determine if a misconfiguration or vulnerability exists.

For example, one of the HTTP requests sent by this module is a GET request to the "/containers/" path. It expects the response to contain the HTML title tag "<title>cAdvisor - /</title>", have a "text/html" content type in the header, and return a 200 status code.

If all the matching conditions are met, the module reports a vulnerability or misconfiguration in the cAdvisor installation.

Metadata:

- max-request: 1 - verified: true - shodan-query: title:"cAdvisor"