Sensitive Data: Rundeck - Default Login¶
Identifier:
rundeck_default_login
Scanner(s) Support¶
| GraphQL Scanner | REST Scanner | WebApp Scanner | ASM Scanner |
|---|---|---|---|
Description¶
Rundeck workflow automation platform may be accessible with default credentials, allowing unauthorized access to job execution, configuration, and administrative functions.
How we test: We attempt to authenticate to the Rundeck web interface using common default username and password combinations. If authentication succeeds, we report the vulnerability.
Reference:
- https://raw.githubusercontent.com/karkis3c/bugbounty/main/nuclei-templates/default-login/rundeck-default-login.yaml
- https://docs.rundeck.com/docs/learning/
Configuration¶
Example¶
Example configuration:
Reference¶
skip¶
Type : boolean
Skip the test if true.