Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The Prometheus Flags API Endpoint module is designed to detect misconfigurations in Prometheus, a monitoring and alerting toolkit. This module has an informative severity level.
This module detects a potential information leakage in Prometheus. The "/api/v1/status/flags" endpoint returns the command-line flags the server was started with (the configuration file path, the TSDB storage path, the listen address and similar settings). If that endpoint answers an unauthenticated request, the Prometheus HTTP API is reachable without access control, and an attacker learns how the instance is deployed. The module queries the endpoint and checks the response for conditions that indicate this exposure.
The module sends a GET request to the "/api/v1/status/flags" endpoint of the target Prometheus instance. It then applies a set of matching conditions to the response to determine if any vulnerabilities or misconfigurations are present.
The matching conditions are:
- The response status code is 200
- The response body contains the words "data" and "config.file" (a successful response has the shape {"status":"success","data":{"config.file":"...", ...}})
- The response Content-Type header contains "application/json"

All three conditions must be met (they are ANDed); only then does the module report a potential information leakage in Prometheus. A login page returned by an authenticating reverse proxy fails the body and content-type checks, and a 401 or 403 fails the status check, so those deployments are not reported.
It is important to note that this module only reads the endpoint and does not actively exploit anything; its results are informative. A hit means the flags are exposed, and what that is worth to an attacker depends on the values returned, for example whether flags such as web.enable-admin-api or web.enable-lifecycle are turned on, since those make further API endpoints available.
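The following is an added example of the matching logic described above, written for this page; it is not Vidoc's own module code. The request helper, function names and the sample responses are assumptions: the responses are constructed inline so the check runs offline, and the list of flags pulled out of a hit is a practitioner's choice (the flag names themselves are real Prometheus flags).

```python
"""Offline re-implementation of the Prometheus flags check (added example, not Vidoc's code).
Constructed sample responses stand in for a live target."""
import json
from urllib.error import HTTPError
from urllib.request import Request, urlopen  # only used by check_target()

FLAGS_PATH = "/api/v1/status/flags"

# Flags worth reporting when the endpoint is exposed. The names are real
# Prometheus command-line flags; picking this subset is an assumption.
INTERESTING_FLAGS = (
    "config.file",
    "storage.tsdb.path",
    "web.listen-address",
    "web.enable-admin-api",
    "web.enable-lifecycle",
)


def matches(status: int, headers: dict, body: str) -> bool:
    """All three module conditions must hold (AND semantics)."""
    content_type = {k.lower(): v for k, v in headers.items()}.get("content-type", "")
    return (
        status == 200
        and "data" in body
        and "config.file" in body
        and "application/json" in content_type
    )


def extract_flags(body: str) -> dict:
    """Return the interesting flags from a /api/v1/status/flags body,
    or {} when the body is not a successful Prometheus API response."""
    try:
        doc = json.loads(body)
    except ValueError:
        return {}
    data = doc.get("data") if isinstance(doc, dict) else None
    if not isinstance(data, dict) or doc.get("status") != "success":
        return {}
    return {k: data[k] for k in INTERESTING_FLAGS if k in data}


def check_target(base_url: str, timeout: float = 5.0) -> dict:
    """Live check against one Prometheus instance (network; not run offline)."""
    req = Request(base_url.rstrip("/") + FLAGS_PATH, headers={"Accept": "application/json"})
    try:
        with urlopen(req, timeout=timeout) as resp:
            status, hdrs = resp.status, dict(resp.headers.items())
            body = resp.read().decode("utf-8", "replace")
    except HTTPError as err:  # non-2xx still carries a status and body to match on
        status, hdrs = err.code, dict(err.headers.items())
        body = err.read().decode("utf-8", "replace")
    hit = matches(status, hdrs, body)
    return {"match": hit, "flags": extract_flags(body) if hit else {}}


# Constructed sample responses (not captured from a real host).
EXPOSED = (
    200,
    {"Content-Type": "application/json"},
    json.dumps({"status": "success", "data": {
        "config.file": "/etc/prometheus/prometheus.yml",
        "storage.tsdb.path": "/prometheus",
        "web.listen-address": "0.0.0.0:9090",
        "web.enable-admin-api": "true",
        "web.enable-lifecycle": "false",
    }}),
)
# Auth proxy in front of Prometheus: status 200 but HTML login page.
PROTECTED = (200, {"Content-Type": "text/html"}, "<html>Login required</html>")
# Both keywords present but the status code check rejects it.
DENIED = (401, {"Content-Type": "application/json"},
          '{"status":"error","data":"config.file not available"}')

if __name__ == "__main__":
    for name, sample in (("exposed", EXPOSED), ("protected", PROTECTED), ("denied", DENIED)):
        hit = matches(*sample)
        print(f"{name}: match={hit} flags={extract_flags(sample[2]) if hit else {}}")
```

Running the block prints a match only for the exposed sample; `check_target("http://host:9090")` applies the same three conditions to a real instance and, on a hit, lists the flags that tell you whether the admin or lifecycle APIs are also reachable.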