jaleelsyed / fx-local

0 stars 0 forks source link

adsfasdf : ExampleV1HotelsIdDeleteRoleUserDisallowedRbac #165

Closed jaleelsyed closed 2 years ago

jaleelsyed commented 5 years ago

Project : adsfasdf

Job : adsf

Env : Default

Category : RBAC

Tags : [OWASP - OTG-IDENT-001 , FX Top 10 - API Vulnerability, Endpoint_Access_Control]

Severity : Major

Region : local

Result : fail

Status Code : 406

Headers : {X-Application-Context=[application:8090], Content-Length=[0], Date=[Mon, 18 Feb 2019 16:57:07 GMT]}

Endpoint : http://18.144.38.115:8090/example/v1/hotels/6Dq8jvGf

Request :

Response :

Logs :
2019-02-18 04:57:07 DEBUG [ExampleV1HotelsIdDeleteRoleUserDisallowedRbac] : URL [http://18.144.38.115:8090/example/v1/hotels/6Dq8jvGf] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsIdDeleteRoleUserDisallowedRbac] : Method [DELETE] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsIdDeleteRoleUserDisallowedRbac] : Request [] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsIdDeleteRoleUserDisallowedRbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/xml, application/json]}] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsIdDeleteRoleUserDisallowedRbac] : Response [] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsIdDeleteRoleUserDisallowedRbac] : Response-Headers [{X-Application-Context=[application:8090], Content-Length=[0], Date=[Mon, 18 Feb 2019 16:57:07 GMT]}] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsIdDeleteRoleUserDisallowedRbac] : StatusCode [406] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsIdDeleteRoleUserDisallowedRbac] : Time [565] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsIdDeleteRoleUserDisallowedRbac] : Size [0] 2019-02-18 04:57:07 ERROR [ExampleV1HotelsIdDeleteRoleUserDisallowedRbac] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [406 == 401 OR 406 == 403] result [Failed]

--- FX Bot ---