RSA Self-Service Login Panel - Detect

What is the "RSA Self-Service Login Panel - Detect?"

The "RSA Self-Service Login Panel - Detect" module is designed to detect the presence of the RSA Self-Service login panel. This module focuses on identifying misconfigurations or vulnerabilities related to the RSA Self-Service software. The severity of this module is informative, meaning it provides valuable information but does not pose an immediate threat. This module was created by an unknown author.

Impact

This module does not have a direct impact on the target system. Instead, it provides information about the presence of the RSA Self-Service login panel, which can help identify potential security risks or misconfigurations.

How the module works?

The "RSA Self-Service Login Panel - Detect" module works by sending an HTTP GET request to the "/console-selfservice/SelfService.do" path. It then applies two matching conditions to determine if the RSA Self-Service login panel is present:

- The module checks the response body for specific keywords, including "Self-Service Console," "RSA," "AM_Self_Service_Console," and "console-selfservice." If any of these keywords are found, it indicates the presence of the RSA Self-Service login panel. - The module also verifies that the HTTP response status code is 200, indicating a successful request. This condition ensures that the target URL is accessible.

If both matching conditions are met, the module reports the presence of the RSA Self-Service login panel.