Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Fiori Launchpad Login Panel - Detect" module is designed to detect the presence of the Fiori Launchpad login panel. It targets the Fiori Launchpad software and aims to identify any misconfigurations or vulnerabilities related to the login panel. The severity of this module is classified as informative, meaning it provides valuable information but does not pose an immediate threat.
This module was authored by dhiyaneshDK.
The detection of the Fiori Launchpad login panel does not directly indicate any impact or risk. However, it can help identify potential security weaknesses or configuration issues that may require further investigation and remediation.
The "Fiori Launchpad Login Panel - Detect" module utilizes HTTP request templates and matching conditions to identify the presence of the login panel. It sends a GET request to the "/sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html?saml2=disabled" path and applies the following matching conditions:
- The response body must contain the words "<title>Logon</title>" and "fioriLogin". - The response status code must be 200.If both conditions are met, the module considers the Fiori Launchpad login panel to be detected.
Example HTTP request:
GET /sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html?saml2=disabled
The module then reports the detection of the login panel as an informative finding.
For more information, you can refer to the exploit-db.com reference.
Metadata:
max-request: 1