Information Disclosure: Selenium - Node Exposure
Identifier: `selenium_exposure`
Scanner(s) Support
| GraphQL Scanner | REST Scanner | WebApp Scanner | ASM Scanner |
|---|---|---|---|
Description
A Selenium Grid hub or standalone node that answers WebDriver requests without authentication lets anyone who can reach it start browser sessions and drive them, which already exposes whatever the node's network position can reach. When a Chromium-based browser is configured on the node, the references below show that browser launch options supplied in the session capabilities can be turned into command execution on the node host, potentially giving an attacker control over the whole Selenium grid.
How we test: we request the Selenium status and session endpoints without credentials and analyze the responses to determine whether the hub and its nodes are reachable, which browsers they advertise, and whether remote command execution is possible.
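The following is an added example of the first half of that test, written for this page rather than taken from the scanner itself. It fetches the unauthenticated `/status` and `/wd/hub/status` endpoints and classifies the JSON a Selenium 4 Grid returns: whether the body is a Selenium status document at all, which nodes are UP, which browsers each advertises, and whether any of them is Chromium-based. The target URL, the `STATUS_PATHS` list, the `CHROMIUM_BROWSERS` set and the `SAMPLE_STATUS` body are assumptions constructed for illustration; nothing here attempts command execution.

```python
"""Probe a Selenium Grid or node for unauthenticated exposure.

Added example, not part of the scanner documentation. Assumes the
Selenium 4 Grid /status JSON layout (a "value" object carrying "ready"
and a "nodes" list whose slots carry a "stereotype.browserName").
"""
import json
import urllib.error
import urllib.request

# Paths answered by a Grid 4 hub/router and by the legacy Grid 3 hub.
# A JSON status document on any of them means the grid is reachable
# without credentials. (Assumed list; extend for your deployment.)
STATUS_PATHS = ("/status", "/wd/hub/status")

# Browsers built on the Chromium engine. The referenced write-ups tie
# command execution to Chrome/Chromium launch options, so nodes offering
# these are the ones that escalate the finding. (Assumed set.)
CHROMIUM_BROWSERS = {"chrome", "chromium", "chrome-headless-shell",
                     "microsoftedge", "msedge"}

# Constructed Grid 4 /status body: one UP node with a Chrome and a
# Firefox slot. Not captured from a real system.
SAMPLE_STATUS = json.dumps({
    "value": {
        "ready": True,
        "message": "Selenium Grid ready.",
        "nodes": [{
            "id": "00000000-0000-0000-0000-000000000001",
            "uri": "http://10.0.0.5:5555",
            "maxSessions": 2,
            "availability": "UP",
            "slots": [
                {"session": None,
                 "stereotype": {"browserName": "chrome", "platformName": "linux"}},
                {"session": None,
                 "stereotype": {"browserName": "firefox", "platformName": "linux"}},
            ],
        }],
    }
})


def _browsers_of(node: dict) -> list:
    """Distinct browserName values advertised by a node's slots, in order."""
    seen = []
    for slot in node.get("slots", []):
        name = (slot.get("stereotype") or {}).get("browserName")
        if name and name not in seen:
            seen.append(name)
    return seen


def analyze_status(body: str) -> dict:
    """Classify one status response body.

    exposed  - body parses as a Selenium status document
    ready    - the grid's own readiness flag
    nodes    - [(uri, [browserNames]), ...] for nodes that are UP
    chromium - True if any UP node offers a Chromium-based browser
    """
    result = {"exposed": False, "ready": None, "nodes": [], "chromium": False}
    try:
        doc = json.loads(body)
    except ValueError:
        return result                      # not JSON: not a Selenium status page
    value = doc.get("value") if isinstance(doc, dict) else None
    if not isinstance(value, dict) or not ("ready" in value or "nodes" in value):
        return result                      # JSON, but not the Selenium layout
    result["exposed"] = True
    result["ready"] = bool(value.get("ready"))
    for node in value.get("nodes", []):
        # Grid 4 reports UP / DOWN / DRAINING; only UP nodes accept sessions.
        if node.get("availability", "UP") != "UP":
            continue
        browsers = _browsers_of(node)
        result["nodes"].append((node.get("uri"), browsers))
        if any(b.lower() in CHROMIUM_BROWSERS for b in browsers):
            result["chromium"] = True
    return result


def probe(base_url: str, timeout: float = 5.0):
    """Fetch each status path with no credentials; return the first hit or None."""
    for path in STATUS_PATHS:
        url = base_url.rstrip("/") + path
        try:
            # Deliberately no Authorization header: the finding is that
            # the endpoint answers without one.
            with urllib.request.urlopen(url, timeout=timeout) as resp:
                body = resp.read().decode("utf-8", "replace")
        except (urllib.error.URLError, OSError, ValueError):
            continue
        verdict = analyze_status(body)
        if verdict["exposed"]:
            verdict["url"] = url
            return verdict
    return None


if __name__ == "__main__":
    # Offline demonstration on the constructed sample; for a live probe
    # call probe("http://grid.example.internal:4444") (hostname assumed).
    print(analyze_status(SAMPLE_STATUS))
```

A Grid 3 hub answers `/wd/hub/status` with a `value` object that has `ready` but no `nodes`, so it is reported as exposed with an empty node list; confirming which browsers such a hub fronts needs a separate request to its console or a session attempt, which this example does not make.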
Reference:
- https://nutcrackerssecurity.github.io/selenium.html
- https://labs.detectify.com/2017/10/06/guest-blog-dont-leave-your-grid-wide-open/
Configuration
Example
Example configuration:
Reference
skip
Type: boolean
Skip the test if true.