id: gloo-unauth

info:
  name: Unauthenticated Gloo UI
  author: dhiyaneshDk
  severity: high
  description: Gloo UI is exposed to external users.
  metadata:
    max-request: 1
  tags: unauth,gloo

http:
  - method: GET
    path:
      - '{{BaseURL}}/fed.rpc.solo.io.GlooInstanceApi/ListClusterDetails'

    headers:
      Content-type: "application/grpc-web+proto"
      Referer: "{{BaseURL}}/admin/"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "gke-remote"
        part: body

      - type: word
        words:
          - "application/grpc-web+proto"
        part: header

      - type: status
        status:
          - 200
# digest: 490a0046304402203dd4e659b79185e5f53ea270ecfa86793e917327cbc065063f9f820badbe03f302202e3153868d7ef270133cdc44390be9e3daf1dde1203a01f2fb5fb503111a2a42:922c64590222798bb761d5b6d8e72950