Merge pull request #10387 from NoelV11/main

Added Template to detect Exposed Instances of RLOS Cabinet Management…
2024-07-30 22:42:33 +05:30 · 2024-07-30 22:42:33 +05:30 · 75886b85f8
parent fbc0fa8c77 8cf57b8bd0
commit 75886b85f8
1 changed files with 31 additions and 0 deletions
--- a/http/misconfiguration/manage-cabinet-register.yaml
+++ b/http/misconfiguration/manage-cabinet-register.yaml
@ -0,0 +1,31 @@
+id: manage-cabinet-register
+
+info:
+  name: Manage Cabinet Register - Exposed
+  author: noel
+  severity: low
+  description: |
+   The path to the Cabinet Storage is omniapp/pages/cabinet/managecabinet.jsf?Action=1. If exposed, it gives an attacker insight into information such as Storage Volume Name, Cabinet Name, it's alias, Deployed AppServer IP Address and Port
+  reference:
+    - https://www.edms-consultants.com/newgen-rlos/
+  metadata:
+    verified: true
+    shodan-query: html:"omniapp"
+    max-request: 1
+  tags: misconfig,cabinet,exposure
+
+http:
+  - method: GET
+    path:
+      - '{{BaseURL}}/omniapp/pages/cabinet/managecabinet.jsf?Action=1'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Manage Cabinet [Register Cabinet]'
+
+      - type: status
+        status:
+          - 200