By kannthu
The "Prometheus targets API endpoint" module is designed to detect misconfigurations or vulnerabilities in the Prometheus targets API. Prometheus is an open-source monitoring and alerting toolkit that is widely used for collecting and analyzing metrics from various systems. This module focuses specifically on the API endpoint used to retrieve information about the targets being monitored by Prometheus.
This module has an informative severity level, which means it provides valuable insights and information but does not indicate a critical vulnerability or misconfiguration.
If a misconfiguration or vulnerability is detected in the Prometheus targets API endpoint, it could lead to inaccurate or incomplete monitoring data. This could impact the effectiveness of monitoring and alerting systems that rely on Prometheus for collecting metrics.
The module works by sending an HTTP GET request to the "/api/v1/targets" path of the Prometheus targets API endpoint. It then applies a set of matching conditions to determine if the response indicates a misconfiguration or vulnerability.
The matching conditions include:
- Status: The response status code must be 200.
- Body: The response body must contain the words "\"status\": \"success\"", "\"data\":", and "\"labels\":".
- Header: The response header must include the word "application/json".

If all of these conditions are met, the module reports a potential misconfiguration or vulnerability in the Prometheus targets API endpoint.
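The three conditions above can be reproduced as a self-check against a Prometheus instance you operate. This is an added example, not the module's own code: the function names, the timeout, and the sample responses are assumptions constructed for illustration. It also shows that a literal word match on the body is sensitive to whitespace.

```python
import urllib.error
import urllib.request

TARGETS_PATH = "/api/v1/targets"
# Literal words the page lists for the body and header conditions.
BODY_WORDS = ('"status": "success"', '"data":', '"labels":')
CONTENT_TYPE_WORD = "application/json"


def matches(status, headers, body):
    """Return True only if every matching condition from the page holds."""
    # HTTP header names are case-insensitive, so normalise them first.
    header_blob = "\n".join(f"{k.lower()}: {v}" for k, v in headers.items())
    return (
        status == 200
        and all(word in body for word in BODY_WORDS)
        and CONTENT_TYPE_WORD in header_blob
    )


def check_instance(base_url, timeout=5):
    """Fetch the targets path from an instance you operate and apply matches()."""
    url = base_url.rstrip("/") + TARGETS_PATH
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            body = resp.read().decode("utf-8", errors="replace")
            return matches(resp.status, dict(resp.headers), body)
    except (urllib.error.URLError, OSError):
        return False  # unreachable, or non-2xx (e.g. 401 behind an auth proxy)


# Constructed sample responses (not captured from a real server).
JSON_HEADERS = {"Content-Type": "application/json"}
SPACED_BODY = '{"status": "success", "data": {"activeTargets": [{"labels": {"job": "node"}}]}}'
COMPACT_BODY = '{"status":"success","data":{"activeTargets":[{"labels":{"job":"node"}}]}}'

if __name__ == "__main__":
    print(matches(200, JSON_HEADERS, SPACED_BODY))   # all three conditions hold
    print(matches(200, JSON_HEADERS, COMPACT_BODY))  # no space after the colon
    print(matches(401, JSON_HEADERS, SPACED_BODY))   # authentication in front of the API
```

A False result from the literal match does not prove the endpoint is closed; confirm by checking whether the path requires authentication from an untrusted network position.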