Weave Scope Panel - Detect

By kannthu

Informative
Vidoc Module
#panel
Description

What is the "Weave Scope Panel - Detect" module?

The "Weave Scope Panel - Detect" module is a test case designed to detect misconfigurations, vulnerabilities, or specific software fingerprints. It focuses on the Weave Scope panel, a software component used for visualizing and monitoring containerized applications in Kubernetes clusters. This module has an informative severity level, meaning it provides valuable insights without posing an immediate threat. The original author of this module is not specified.

Impact

This module helps identify potential security risks or configuration issues related to the Weave Scope panel. By detecting misconfigurations, vulnerabilities, or specific software fingerprints, it enables users to take appropriate actions to mitigate potential risks and ensure the secure operation of their containerized applications.

How does the module work?

The "Weave Scope Panel - Detect" module works by sending HTTP requests to the target system and analyzing the responses based on predefined matching conditions. It uses a set of matchers to search for specific patterns in the response body. The module's matching conditions include the following:

- The response body must contain the HTML title tag "<title>Weave Scope</title>".
- The response body must contain the string "__WEAVEWORKS_CSRF_TOKEN".
- The response body must contain the string "__CSRF_TOKEN_PLACEHOLDER__".

If all of these conditions are met, the module considers the test case successful and reports the identified vulnerabilities or misconfigurations.

Here is a simplified example of an HTTP request that the module might send:

GET /weave/scope HTTP/1.1
Host: example.com
User-Agent: Vidoc-Scanner
Accept: */*

By analyzing the response to this request and applying the matching conditions, the module determines whether the Weave Scope panel is properly configured and free from vulnerabilities.
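The all-conditions-must-match logic described above, as an added example that is not Vidoc's own code: it shows why a page that shares only the title does not trigger a match. The function names and both sample responses are constructed for illustration, and case-sensitive substring matching is an assumption.

```python
# Added example: AND-combined word matcher applied to a raw HTTP response.
# Function names and sample responses are constructed; this is not Vidoc code.

WEAVE_SCOPE_WORDS = (
    "<title>Weave Scope</title>",
    "__WEAVEWORKS_CSRF_TOKEN",
    "__CSRF_TOKEN_PLACEHOLDER__",
)


def split_response(raw: bytes):
    """Split a raw HTTP/1.1 response into (status_code, body_text)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    status_line = head.decode("iso-8859-1").split("\r\n")[0]
    status = int(status_line.split(" ", 2)[1])
    return status, body.decode("utf-8", errors="replace")


def match_weave_scope(raw: bytes):
    """Return (matched, missing_words); matched only if every word is in the body.

    Assumption: words are compared as case-sensitive substrings.
    """
    _, body = split_response(raw)
    missing = [w for w in WEAVE_SCOPE_WORDS if w not in body]
    return (not missing, missing)


# Constructed sample: a page carrying all three fingerprints.
PANEL = (
    b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
    b"<html><head><title>Weave Scope</title></head><body>"
    b"<script>window.__WEAVEWORKS_CSRF_TOKEN = "
    b"\"__CSRF_TOKEN_PLACEHOLDER__\";</script></body></html>"
)

# Constructed sample: same title but no token strings (e.g. a docs page).
TITLE_ONLY = (
    b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
    b"<html><head><title>Weave Scope</title></head><body>docs</body></html>"
)

if __name__ == "__main__":
    for name, raw in (("panel", PANEL), ("title-only", TITLE_ONLY)):
        matched, missing = match_weave_scope(raw)
        print(f"{name}: matched={matched} missing={missing}")
```

The list of missing words is useful when tuning a fingerprint: it shows which condition kept a near-match from being reported.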

Module preview

Concurrent Requests (0)
Passive global matcher
word: <title>Weave Scope</title>, __WEAVEWORKS...
On match action
Report vulnerability