t : ErrorPutAnonymousInvalid

Project : t

Job : Default

Env : Default

Category : Unsecured

Tags : [ OWASP - OTG-AUTHN-002, FX Top 10 - API Vulnerability, Non-Intrusive]

Severity : Major

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 500

Headers : {Server=[nginx/1.12.1], Date=[Sat, 23 Feb 2019 05:33:02 GMT], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Connection=[keep-alive]}

Endpoint : http://52.53.242.1/vault/error

Request :

Response :
{ "timestamp" : 1550899982587, "status" : 999, "error" : "None", "message" : "No message available" }

Logs :
2019-02-23 05:33:02 DEBUG [ ErrorPutAnonymousInvalid] : URL [http://52.53.242.1/vault/error] 2019-02-23 05:33:02 DEBUG [ ErrorPutAnonymousInvalid] : Method [PUT] 2019-02-23 05:33:02 DEBUG [ ErrorPutAnonymousInvalid] : Request [] 2019-02-23 05:33:02 DEBUG [ ErrorPutAnonymousInvalid] : Request-Headers [{Content-Type=[application/json], Accept=[application/json]}] 2019-02-23 05:33:02 DEBUG [ ErrorPutAnonymousInvalid] : Response [{ "timestamp" : 1550899982587, "status" : 999, "error" : "None", "message" : "No message available" }] 2019-02-23 05:33:02 DEBUG [ ErrorPutAnonymousInvalid] : Response-Headers [{Server=[nginx/1.12.1], Date=[Sat, 23 Feb 2019 05:33:02 GMT], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Connection=[keep-alive]}] 2019-02-23 05:33:02 DEBUG [ ErrorPutAnonymousInvalid] : StatusCode [500] 2019-02-23 05:33:02 DEBUG [ ErrorPutAnonymousInvalid] : Time [66] 2019-02-23 05:33:02 DEBUG [ ErrorPutAnonymousInvalid] : Size [88] 2019-02-23 05:33:02 ERROR [ ErrorPutAnonymousInvalid] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [500 == 401 OR 500 == 403] result [Failed]

--- FX Bot ---

devopsenggineer / Sanity

t : ErrorPutAnonymousInvalid #64