id: kubernetes-web-view

info:
  name: Kubernetes Local Cluster Web View Panel- Detect
  author: tess
  severity: medium
  description: Kubernetes local cluster web view panel discovered.
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
    cvss-score: 6.5
    cwe-id: CWE-200
    cpe: cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: kubernetes
    product: kubernetes
    shodan-query:
      - title:"Kubernetes Web View"
      - http.title:"kubernetes web view"
    fofa-query:
      - title="kubernetes web view"
      - app="kubernetes-enterprise-manager"
    google-query: intitle:"kubernetes web view"
  tags: panel,misconfig,kubernetes,k8s

http:
  - method: GET
    path:
      - '{{BaseURL}}'
      - '{{BaseURL}}/clusters/local'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'Kubernetes Web View</title>'
          - 'a href="https://codeberg.org/hjacobs/kube-web-view'
        condition: and

      - type: word
        part: header
        words:
          - "text/html"

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100f6238df6a6e758995c7bb1b54ec735c881f04d6612531c16939f482a2f5ef5e0022100ff9db47791578367bc029c78b21e107f18a4195e1be6a3fb22475c1ea3b57ed7:922c64590222798bb761d5b6d8e72950