Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Cluster Overview - Unauthenticated Dashboard Exposure

By kannthu

Medium
Vidoc logoVidoc Module
#cluster#unauth#trino
Description

What is the "Cluster Overview - Unauthenticated Dashboard Exposure?"

The "Cluster Overview - Unauthenticated Dashboard Exposure" module is designed to detect a specific misconfiguration vulnerability in a cluster. It targets the Trino software and focuses on the exposure of an unauthenticated dashboard. This module has a medium severity level and was authored by tess.

Impact

If this vulnerability is present, it could allow unauthorized access to the cluster's dashboard, potentially exposing sensitive information and allowing malicious actors to perform unauthorized actions.

How the module works?

This module works by sending an HTTP POST request to the "/ui/login" path of the target cluster. The request includes the necessary headers, such as "Content-Type: application/x-www-form-urlencoded". The module then applies matching conditions to the response to determine if the vulnerability is present.

The matching conditions include:

- Checking if the response body contains the words "Cluster Overview" and "Query Details". - Verifying that the response status is 200.

If both conditions are met, the module reports the vulnerability.

Example HTTP request:

POST /ui/login
Content-Type: application/x-www-form-urlencoded

[Request Body]

Note: The actual request body content is not provided in the module definition.

Module preview

Concurrent Requests (1)
1. HTTP Request template
POST/ui/login
Headers

Content-Type: application/x-www-fo...

Matching conditions
word: Cluster Overview, Query Detailsand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability