Couchbase Buckets Unauthenticated REST API - Detect
ID: couchbase-buckets-api
Severity: medium
Author: geeknik
Tags: exposure,couchbase
Description
Section titled “Description”Couchbase Buckets REST API without authentication was detected.
YAML Source
Section titled “YAML Source”id: couchbase-buckets-api
info: name: Couchbase Buckets Unauthenticated REST API - Detect author: geeknik severity: medium description: Couchbase Buckets REST API without authentication was detected. reference: - https://docs.couchbase.com/server/current/rest-api/rest-bucket-intro.html - https://www.elastic.co/guide/en/beats/metricbeat/current/metricbeat-metricset-couchbase-bucket.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cwe-id: CWE-200 metadata: max-request: 1 tags: exposure,couchbase
http: - method: GET path: - "{{BaseURL}}/pools/default/buckets"
matchers-condition: and matchers: - type: status status: - 200
- type: word words: - '"couchbase":' - '"bucket":' - '"data":' condition: and
- type: word part: header words: - 'application/json'# digest: 490a004630440220106175f361f2507f26d459ffc3d3104a4b5f60f3c876137993a7bbee4454641f022038c1f7d037bf0eaaa67b83fe3e77ef200481bb6559bc4b742060266e79b93bb8:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/exposures/apis/couchbase-buckets-api.yaml"