Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
Dozzle - Logs Exposure is a module designed to detect the exposure of Docker logs through the Dozzle application. It targets instances where the Dozzle application is misconfigured, allowing unauthorized access to container logs. This module has a medium severity level.
Author: theabhinavgaur
If the Dozzle application is misconfigured and allows unauthorized access to container logs, it can lead to the exposure of sensitive information. This can potentially result in a breach of confidentiality and compromise the security of the Docker environment.
The module works by sending HTTP requests to the target and matching the responses against specific conditions. It checks if the response body contains the phrase "authorizationNeeded": "false" and the word "Dozzle". Additionally, it verifies that the response status is 200.
Example HTTP request:
GET / HTTP/1.1
Host: example.com
The module matches the conditions using logical AND, meaning all conditions must be met for a positive match.