Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
Author: DhiyaneshDK
The Spring Boot LoggerConfig Actuator Panel - Detect module is designed to detect potential misconfigurations in the Log
The Spring Boot LoggerConfig Actuator Panel - Detect module works by sending HTTP requests to specific endpoints and matching the responses against predefined conditions. It targets the Spring Boot LoggerConfig Actuator Panel and aims to detect misconfigurations in the logging configuration.
Here is an example of an HTTP request sent by the module:
GET /loggingConfig HTTP/1.1
Host: example.com
Accept: application/json, application/vnd.spring-boot.actuator, application/vnd.spring-boot.actuator.v1+json
The module uses the following matching conditions:
- The response body must contain the words"loggingConfig"
and "propertySources"
.
- The response headers must include one of the following content types: application/json
, application/vnd.spring-boot.actuator
, or application/vnd.spring-boot.actuator.v1+json
.
- The response status code must be 200
.
If all the matching conditions are met, the module will report a potential misconfiguration in the LoggerConfig Actuator Panel.