Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Detect Springboot Thread Dump page" module is designed to detect the presence of a thread dump endpoint in a Spring Boot application. It targets Spring Boot applications and aims to identify potential misconfigurations or vulnerabilities related to the thread dump functionality. This module has a low severity level and was authored by philippedelteil.
The thread dump endpoint provides a snapshot of the application's JVM threads. If this endpoint is misconfigured or accessible to unauthorized users, it could potentially expose sensitive information about the application's internal state, including thread names and other details. This information could be leveraged by attackers to gain insights into the application's behavior or exploit any vulnerabilities present.
The module sends HTTP requests to the following paths: /threaddump
and /actuator/threaddump
. It then applies several matching conditions to determine if the thread dump endpoint is present and properly configured:
"threads":
and "threadName":
.
- The response headers must include one of the following content types: application/json
, application/vnd.spring-boot.actuator
, application/vnd.spring-boot.actuator.v2+json
, or application/vnd.spring-boot.actuator.v1+json
.
- The HTTP status code must be 200
.
If all of these conditions are met, the module will report a potential vulnerability or misconfiguration related to the Spring Boot thread dump page.
For more information, refer to the Spring Boot documentation.