id: unauthenticated-tensorboard info: name: Tensorflow Tensorboard - Unauthenticated Access author: dhiyaneshDk description: Tensorflow Tensorboard was able to be accessed with no authentication requirements in place. severity: high tags: tensorflow,tensorboard,unauth requests: - method: GET path: - '{{BaseURL}}/data/plugins_listing' matchers-condition: and matchers: - type: word words: - 'scalars' - 'loading_mechanism' - 'custom_scalars' condition: and - type: status status: - 200 # Enhanced by mp on 2022/07/20