Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Pipeline Configuration Exposure" module is designed to detect misconfigurations in pipeline configurations. It targets DevOps environments and focuses on exposing sensitive information related to Continuous Integration/Continuous Deployment (CI/CD) pipelines. This module has an informative severity level and was authored by DhiyaneshDK.
If a misconfiguration is detected, it could potentially expose sensitive information such as system details and project names. This information leakage could be exploited by malicious actors to gain unauthorized access or perform targeted attacks on the CI/CD pipeline.
The "Pipeline Configuration Exposure" module works by sending HTTP requests to specific endpoints, such as "/pipeline.yaml". It then applies matching conditions to determine if a misconfiguration is present. The matching conditions include checking for specific words like "system:" and "project_name:" in the response body, as well as verifying that the HTTP status code is 200.
Here is an example of an HTTP request sent by the module:
GET /pipeline.yaml
The module matches the response against the following conditions:
- Check if the response contains both "system:" and "project_name:" - Verify that the HTTP status code is 200If all the matching conditions are met, the module reports a potential misconfiguration.