By kannthu
The "Druid Monitor Unauthorized Access" module is a test case designed to detect unauthorized access vulnerabilities in the Druid monitoring software. It is a high severity module that aims to identify potential security risks related to misconfigurations or vulnerabilities in the software.
This module was authored by ohlinge.
If the "Druid Monitor Unauthorized Access" module detects unauthorized access, it indicates that the target Druid monitoring software may be accessible to unauthorized users. This could lead to unauthorized data access, manipulation, or other security breaches.
The "Druid Monitor Unauthorized Access" module works by sending an HTTP GET request to the "/druid/index.html" path of the target Druid monitoring software. It then applies matching conditions to determine if unauthorized access is possible.
The matching conditions for this module are as follows:
- The response body must contain the phrase "Druid Stat Index</title>"
- The response status code must be 200

If both matching conditions are met, the module will report a vulnerability related to unauthorized access in the target Druid monitoring software.
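The check described above, as an added example for verifying a deployment you operate (not Vidoc's or the module author's code): it applies both matching conditions and exercises them against constructed responses served on 127.0.0.1. The names `matches`, `check` and `run_case` are hypothetical.

```python
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

PATH = "/druid/index.html"           # path the module requests
MARKER = "Druid Stat Index</title>"  # phrase the module looks for in the body
# Ignore proxy environment variables so the local fixture is reached directly.
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))


def matches(status: int, body: str) -> bool:
    """Both matching conditions must hold (logical AND)."""
    return status == 200 and MARKER in body


def check(base_url: str, timeout: float = 5.0) -> bool:
    """GET base_url + PATH and apply the two matching conditions."""
    try:
        with OPENER.open(base_url + PATH, timeout=timeout) as resp:
            return matches(resp.status, resp.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as err:  # e.g. 401/403/404: status is not 200
        return matches(err.code, err.read().decode("utf-8", "replace"))
    except OSError:                        # unreachable host: nothing to report
        return False


def run_case(status: int, body: str) -> bool:
    """Serve a constructed response on 127.0.0.1 and run check() against it."""
    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            payload = body.encode()
            self.send_response(status)
            self.send_header("Content-Length", str(len(payload)))
            self.end_headers()
            self.wfile.write(payload)

        def log_message(self, *args):      # keep the console quiet
            pass

    server = HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return check(f"http://127.0.0.1:{server.server_address[1]}")
    finally:
        server.shutdown()
        server.server_close()
```

A monitor page placed behind authentication fails one of the two conditions: either the status is no longer 200, or a login page is returned with 200 but without the marker, so `check` returns `False` in both cases.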