Skip to content
Nuclei Templates

Open Virtualization Userportal & Webadmin Panel Detection

ID: open-virtualization-manager-panel

Severity: info

Author: idealphase

Tags: panel,ovirt,oss

Description

Section titled “Description”

Open Virtualization Userportal & Webadmin panels were detected. Open Virtualization Manager is an open-source distributed virtualization solution designed to manage enterprise infrastructure. oVirt uses the trusted KVM hypervisor and is built upon several other community projects, including libvirt, Gluster, PatternFly, and Ansible.

YAML Source

Section titled “YAML Source”
id: open-virtualization-manager-panel


info:
  name: Open Virtualization Userportal & Webadmin Panel Detection
  author: idealphase
  severity: info
  description: Open Virtualization Userportal & Webadmin panels were detected. Open Virtualization Manager is an open-source distributed virtualization solution designed to manage enterprise infrastructure. oVirt uses the trusted KVM hypervisor and is built upon several other community projects, including libvirt, Gluster, PatternFly, and Ansible.
  reference:
    - https://www.ovirt.org/
    - https://www.ovirt.org/dropped/admin-guide/virt/console-client-resources.html
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cwe-id: CWE-668
  metadata:
    max-request: 2
    shodan-query: title:"Ovirt-Engine"
    google-query: intitle:"Ovirt-Engine"
  tags: panel,ovirt,oss


http:
  - method: GET
    path:
      - '{{BaseURL}}/ovirt-engine/userportal/'
      - '{{BaseURL}}/ovirt-engine/webadmin/'


    matchers-condition: and
    matchers:
      - type: word
        words:
          - '"application_title":"oVirt Engine User Portal"'
          - '"application_title":"oVirt Engine Web Administration"'
        condition: or


      - type: status
        status:
          - 200


    extractors:
      - type: regex
        group: 1
        regex:
          - '"application_title":"(([a-zA-Z]+\s)*[a-zA-Z]+)"'
# digest: 4b0a004830460221009d50ae48ddc3a41c2da501ee7f80560f6156a3eeed03823e488ffd3c0788ccc40221008e7cf6011781103e6f7a7e2265c765abfe132f84625b7e1168926de29432e2ca:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/exposed-panels/open-virtualization-manager-panel.yaml"

View on Github