Automate Recon and scanning process with Vidoc. All security teams in one place
The "Cluster Overview - Unauthenticated Dashboard Exposure" module is designed to detect a specific misconfiguration vulnerability in a cluster. It targets the Trino software and focuses on the exposure of an unauthenticated dashboard. This module has a medium severity level and was authored by tess.
If this vulnerability is present, it could allow unauthorized access to the cluster's dashboard, potentially exposing sensitive information and allowing malicious actors to perform unauthorized actions.
This module works by sending an HTTP POST request to the "/ui/login" path of the target cluster. The request includes the necessary headers, such as "Content-Type: application/x-www-form-urlencoded". The module then applies matching conditions to the response to determine if the vulnerability is present.
The matching conditions include:- Checking if the response body contains the words "Cluster Overview" and "Query Details". - Verifying that the response status is 200.
If both conditions are met, the module reports the vulnerability.
Example HTTP request:
POST /ui/login Content-Type: application/x-www-form-urlencoded [Request Body]
Note: The actual request body content is not provided in the module definition.