Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Fiori Launchpad Login Panel - Detect" module is designed to detect the presence of the Fiori Launchpad login panel. It targets the SAP Fiori Launchpad, which is a web-based entry point for SAP business applications. This module is used to identify any misconfigurations or vulnerabilities related to the login panel.
This module has an informative severity level, which means it provides valuable information but does not indicate a critical security issue.
This module does not have a direct impact on the system. Instead, it helps identify potential security risks or misconfigurations related to the Fiori Launchpad login panel. By detecting these issues, system administrators can take appropriate actions to mitigate any potential risks and ensure the secure operation of the SAP Fiori Launchpad.
The "Fiori Launchpad Login Panel - Detect" module works by sending an HTTP GET request to the "/sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html" path of the SAP Fiori Launchpad. It then applies a set of matching conditions to determine if the login panel is present and if the response meets the expected criteria.
The matching conditions for this module include:
- The presence of the "<title>Logon</title>
" and "SAP SE" keywords in the response body.
- The response header containing the "text/html" content type.
- The HTTP status code being 200 (OK).
If all of these conditions are met, the module considers the Fiori Launchpad login panel to be detected.
System administrators can use the results of this module to ensure that the Fiori Launchpad login panel is properly configured and secure.