From 7499faff026ab0cbb096fce11dfe575fa0ed1be3 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Sat, 22 May 2021 20:05:32 +0530
Subject: [PATCH] Create kubeflow-dashboard-unauth.yaml

---
 .../kubeflow-dashboard-unauth.yaml            | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 misconfiguration/kubeflow-dashboard-unauth.yaml

diff --git a/misconfiguration/kubeflow-dashboard-unauth.yaml b/misconfiguration/kubeflow-dashboard-unauth.yaml
new file mode 100644
index 0000000000..3d2fc07fbd
--- /dev/null
+++ b/misconfiguration/kubeflow-dashboard-unauth.yaml
@@ -0,0 +1,27 @@
+id: kubeflow-dashboard-unauth
+
+info:
+  name: Kubeflow Unauth
+  author: dhiyaneshDk
+  severity: high
+  reference: https://github.com/kubeflow/kubeflow
+  tags: kubeflow,unauth
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/pipeline/apis/v1beta1/runs?page_size=5&sort_by=created_at%20desc'
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '{"runs":[{"id":'
+          - 'resource_references'
+        part: body
+      - type: word
+        words:
+          - "application/json"
+        part: header
+      - type: status
+        status:
+          - 200