id: unauthenticated-alert-manager

info:
  name: Alert Manager - Unauthenticated Access
  author: dhiyaneshDK
  severity: high
  description: Alert Manager was able to be accessed with no authentication requirements in place.
  classification:
    cpe: cpe:2.3:a:prometheus:alertmanager:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: prometheus
    product: alertmanager
    shodan-query: http.title:"Alertmanager"
  tags: unauth,alertmanager,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}/#/alerts"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - '<title>Alertmanager</title>'

      - type: status
        status:
          - 200
# digest: 490a00463044022032562a53fa2d1a58b8ac7b8dc297b4453db654777ef685255a82fa835152974e0220715063f775b88b53069b5c32ca94ee76bdc49a3d79808afcc1db3975efb04f1d:922c64590222798bb761d5b6d8e72950