Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Jedox Web Login Panel - Detect" module is designed to detect misconfigurations in the Jedox Web login panel. Jedox is an Enterprise Performance Management software used for planning, analytics, and reporting in various areas such as finance, sales, human resources, and procurement. This module focuses on identifying vulnerabilities in the login panel, which can help improve the overall security of the Jedox software.
Severity: Informative
Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER, Michael WEDL
This module aims to identify potential misconfigurations in the Jedox Web login panel. By detecting these issues, administrators can take appropriate actions to secure the login panel and prevent unauthorized access or data breaches.
The module utilizes HTTP request templates and matching conditions to identify misconfigurations in the Jedox Web login panel. It sends a GET request to the "/ui/login/" path and applies the following matching conditions:
- The response body must contain the words "Jedox Web - Login" or "guide-jedox-software". - The response status code must be 200.If both matching conditions are met, the module considers the login panel to be potentially misconfigured.
Example HTTP request:
GET /ui/login/ HTTP/1.1
Host: [target_host]
Note: Replace "[target_host]" with the actual target host.