Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Elastic HD Dashboard Exposure

By kannthu

Vidoc logoVidoc Module

Elastic HD Dashboard Exposure

What is the "Elastic HD Dashboard Exposure" module?

The "Elastic HD Dashboard Exposure" module is designed to detect misconfigurations in the Elastic HD Dashboard, a software that provides a graphical interface for managing Elasticsearch clusters. This module focuses on identifying potential security vulnerabilities and exposures in the Elastic HD Dashboard.

This module has a low severity level, indicating that the identified issues may have limited impact on the overall security of the system.

This module was authored by tess.


If vulnerabilities or misconfigurations are found in the Elastic HD Dashboard, attackers may be able to gain unauthorized access to sensitive data or perform malicious actions within the Elasticsearch cluster. This can lead to data breaches, unauthorized modifications, or disruptions in the availability of the system.

How does the module work?

The "Elastic HD Dashboard Exposure" module works by sending HTTP requests to the target system and analyzing the responses based on predefined matching conditions. It checks for the presence of specific keywords in the response body and headers, as well as the HTTP status code.

For example, one of the matching conditions is to check if the response body contains the words "Elastic HD Dashboard" or "elasticsearch go Edition head plugin". Additionally, it verifies that the response header includes the content type "text/html" and that the HTTP status code is 200 (OK).

By evaluating these conditions, the module determines if the Elastic HD Dashboard is exposed and potentially vulnerable to attacks.

Module preview

Concurrent Requests (0)
Passive global matcher
word: Elastic HD Dashboard, elasticsearch go E...and
word: text/htmland
status: 200
On match action
Report vulnerability