
Nomad - Exposed Jobs

By kannthu

Medium
Vidoc Module
#nomad #devops #hashicorp #panel
Description

Nomad - Exposed Jobs

What is the "Nomad - Exposed Jobs" module?

The "Nomad - Exposed Jobs" module is a test case designed to detect misconfigurations in the Nomad software. Nomad is a DevOps tool developed by HashiCorp that enables the deployment and management of applications across multiple servers.

This module focuses on identifying exposed Nomad jobs, which could potentially lead to security vulnerabilities. The severity of this module is classified as medium.

Author: pdteam

Impact

If this module detects exposed Nomad jobs, it indicates a potential security risk. Exposed jobs may contain sensitive information or configurations that could be exploited by malicious actors. It is important to address any identified misconfigurations to ensure the security of the Nomad deployment.

How does the module work?

The "Nomad - Exposed Jobs" module utilizes HTTP request templates and matching conditions to identify exposed Nomad jobs. It sends a GET request to the "/ui/jobs" endpoint and applies the following matching conditions:

- The response must contain the word "Nomad" or "nomad-ui" anywhere in the content.
- The response must have a "Content-Type" header with the value "text/html".
- The response status code must be 200 (OK).

If all the matching conditions are met, the module reports the presence of exposed Nomad jobs.

Example HTTP request:

GET /ui/jobs

Matching conditions:

- Content contains "Nomad" or "nomad-ui"
- Header "Content-Type" is "text/html"
- Response status code is 200
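As an added illustration (not the module's or Vidoc's own code), here are the three matching conditions above applied to constructed responses, showing that all three must hold while either body word is enough. The substring semantics of the word matcher and of the Content-Type check are assumptions about how the scanner evaluates them.

```python
from dataclasses import dataclass, field

# Constructed re-implementation of this module's matching rules for study;
# not Vidoc's own engine. Assumed: word matchers are case-sensitive substring
# checks, and the Content-Type test is a substring check (so "text/html;
# charset=utf-8" still satisfies it).

@dataclass
class HttpResponse:
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""

BODY_WORDS = ("Nomad", "nomad-ui")  # condition: OR (either word is enough)
CONTENT_TYPE_WORD = "text/html"
EXPECTED_STATUS = 200

def header(resp: HttpResponse, name: str) -> str:
    """Case-insensitive header lookup (HTTP header names are case-insensitive)."""
    for key, value in resp.headers.items():
        if key.lower() == name.lower():
            return value
    return ""

def evaluate(resp: HttpResponse) -> dict:
    """Evaluate each matcher separately; 'match' is the AND of all three."""
    result = {
        "word_body": any(w in resp.body for w in BODY_WORDS),
        "word_content_type": CONTENT_TYPE_WORD in header(resp, "Content-Type"),
        "status_200": resp.status == EXPECTED_STATUS,
    }
    result["match"] = all(result.values())
    return result

def matches_exposed_jobs(resp: HttpResponse) -> bool:
    return evaluate(resp)["match"]

# Constructed sample responses to GET /ui/jobs (not captured from a real host).
EXPOSED = HttpResponse(200, {"Content-Type": "text/html; charset=utf-8"},
                       '<html><title>Jobs - Nomad</title><div id="nomad-ui"></div></html>')
JSON_ONLY = HttpResponse(200, {"Content-Type": "application/json"}, '{"nomad-ui": true}')
OTHER_HTML = HttpResponse(200, {"Content-Type": "text/html"}, "<html>Dashboard</html>")
NOT_FOUND = HttpResponse(404, {"content-type": "text/html"}, "<html>Nomad</html>")

if __name__ == "__main__":
    for name, resp in [("EXPOSED", EXPOSED), ("JSON_ONLY", JSON_ONLY),
                       ("OTHER_HTML", OTHER_HTML), ("NOT_FOUND", NOT_FOUND)]:
        print(name, evaluate(resp))
```

Because the Nomad web UI is a single-page application, its HTML shell can be served with a 200 even where ACLs protect the underlying API, so a match should be confirmed before concluding that job data is actually readable.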

For more information about Nomad security, refer to the Nomad security documentation.

Metadata:

max-request: 1

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /ui/jobs
Matching conditions
word: Nomad, nomad-ui AND
word: text/html AND
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability