id: exposed-docker-api info: name: Exposed Docker API author: furkansenan,dwisiswant0 severity: info tags: docker,unauth,devops,misconfig metadata: max-request: 2 http: - method: GET path: - "http://{{Hostname}}/version" - "http://{{Hostname}}/v1.24/version" matchers-condition: and matchers: - type: word words: - "application/json" part: header - type: word words: - "KernelVersion" - "BuildTime" condition: and part: body - type: status status: - 200