jaleelsyed / rbac


RBAC testing : ApiV1SystemSettingsPutRoleUserDisallowedRbac #173

Closed jaleelsyed closed 5 years ago

jaleelsyed commented 5 years ago

Project : RBAC testing

Job : Default

Env : Default

Category : RBAC

Tags : [OWASP - OTG-IDENT-001 , FX Top 10 - API Vulnerability]

Severity : Major

Region : local

Result : fail

Status Code : 500

Headers : {}

Endpoint : http://localhost:8090/api/v1/system-settings

Request :
{ "createdBy" : "", "createdDate" : "", "id" : "", "inactive" : false, "key" : "3am97R9v", "label" : "3am97R9v", "modifiedBy" : "", "modifiedDate" : "", "value" : "3am97R9v", "version" : "" }

Response :
I/O error on PUT request for "http://localhost:8090/api/v1/system-settings": Connect to localhost:8090 [localhost/127.0.0.1, localhost/0:0:0:0:0:0:0:1] failed: Connection refused: connect; nested exception is org.apache.http.conn.HttpHostConnectException: Connect to localhost:8090 [localhost/127.0.0.1, localhost/0:0:0:0:0:0:0:1] failed: Connection refused: connect

Logs :
2019-01-21 06:55:37 DEBUG [ApiV1SystemSettingsPutRoleUserDisallowedRbac] : URL [http://localhost:8090/api/v1/system-settings]
2019-01-21 06:55:37 DEBUG [ApiV1SystemSettingsPutRoleUserDisallowedRbac] : Method [PUT]
2019-01-21 06:55:37 DEBUG [ApiV1SystemSettingsPutRoleUserDisallowedRbac] : Request [{ "createdBy" : "", "createdDate" : "", "id" : "", "inactive" : false, "key" : "3am97R9v", "label" : "3am97R9v", "modifiedBy" : "", "modifiedDate" : "", "value" : "3am97R9v", "version" : "" }]
2019-01-21 06:55:37 DEBUG [ApiV1SystemSettingsPutRoleUserDisallowedRbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json]}]
2019-01-21 06:55:37 DEBUG [ApiV1SystemSettingsPutRoleUserDisallowedRbac] : Response [I/O error on PUT request for "http://localhost:8090/api/v1/system-settings": Connect to localhost:8090 [localhost/127.0.0.1, localhost/0:0:0:0:0:0:0:1] failed: Connection refused: connect; nested exception is org.apache.http.conn.HttpHostConnectException: Connect to localhost:8090 [localhost/127.0.0.1, localhost/0:0:0:0:0:0:0:1] failed: Connection refused: connect]
2019-01-21 06:55:37 DEBUG [ApiV1SystemSettingsPutRoleUserDisallowedRbac] : Response-Headers [{}]
2019-01-21 06:55:37 DEBUG [ApiV1SystemSettingsPutRoleUserDisallowedRbac] : StatusCode [500]
2019-01-21 06:55:37 DEBUG [ApiV1SystemSettingsPutRoleUserDisallowedRbac] : Time [2404]
2019-01-21 06:55:37 DEBUG [ApiV1SystemSettingsPutRoleUserDisallowedRbac] : Size [366]
2019-01-21 06:55:37 ERROR [ApiV1SystemSettingsPutRoleUserDisallowedRbac] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [500 == 401 OR 500 == 403] result [Failed]

--- FX Bot ---
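What the failed assertion in this report is actually checking, written out as an added example in Python (this is not the FX tool's own code and not code from the rbac project): the negative RBAC test sends the PUT to the system-settings endpoint as the low-privilege role and passes only when the service answers 401 or 403. The example also handles the failure mode this report hit: the connection to localhost:8090 was refused, the client turned that into a synthetic 500, and the assertion then counted it as an RBAC failure. Here a transport error is classified as a harness "error" instead, so a service that is simply not running is never reported as a broken authorization check. The stub HTTP server, the bearer-token-is-the-role-name auth scheme, the allowed-roles policy and the `http.client` based client are all assumptions of the example; the request body is taken from the report above.

```python
"""Negative RBAC check: a PUT by a disallowed role must be rejected with 401/403."""
import http.client
import json
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Statuses that prove the service rejected the caller's role.
DENIED = {401, 403}

# Body taken from the report (the random 3am97R9v values are the tool's own fuzz data).
SETTING = {"key": "3am97R9v", "label": "3am97R9v", "value": "3am97R9v", "inactive": False}


def classify(status, transport_error=None):
    """Map one test outcome to pass / fail / error.

    error: the request never reached the service (connection refused, timeout).
           That says nothing about RBAC, so it must not be recorded as a 500
           that the 401-or-403 assertion then scores as a fail.
    pass:  the service rejected the caller with 401 or 403.
    fail:  any real status outside that set. 2xx means the role was allowed;
           a genuine 5xx on an unauthorized write is also a finding, since it
           usually means the handler ran before the authorization check.
    """
    if transport_error is not None:
        return "error"
    if status in DENIED:
        return "pass"
    return "fail"


def put_as_role(host, port, path, body, role, timeout=3.0):
    """Send the PUT as `role`; return (status, None) or (None, transport_error)."""
    # Assumed auth scheme for the example: the bearer token is just the role name.
    headers = {"Content-Type": "application/json", "Accept": "application/json",
               "Authorization": f"Bearer {role}"}
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("PUT", path, body=json.dumps(body), headers=headers)
        resp = conn.getresponse()
        resp.read()
        return resp.status, None
    except (OSError, http.client.HTTPException) as exc:
        # ConnectionRefusedError and socket timeouts are OSError subclasses.
        return None, exc
    finally:
        conn.close()


def make_handler(allowed_roles):
    """Stub system-settings service (assumed, for the example) with a fixed role policy."""
    class Handler(BaseHTTPRequestHandler):
        def do_PUT(self):
            self.rfile.read(int(self.headers.get("Content-Length", 0)))
            token = self.headers.get("Authorization", "")
            role = token.split(" ", 1)[-1]
            status = 200 if role in allowed_roles else 403
            self.send_response(status)
            self.send_header("Content-Type", "application/json")
            self.end_headers()
            self.wfile.write(b"{}")

        def log_message(self, *args):  # keep the example's output quiet
            pass
    return Handler


def check_against(allowed_roles, role="user"):
    """Stand up the stub with the given policy on a free port and run the negative test."""
    server = HTTPServer(("127.0.0.1", 0), make_handler(allowed_roles))
    port = server.server_address[1]
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        status, err = put_as_role("127.0.0.1", port, "/api/v1/system-settings", SETTING, role)
    finally:
        server.shutdown()
        server.server_close()
    return classify(status, err)


def check_service_down(role="user"):
    """Reproduce the report's situation: nothing listens, so the connection is refused."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))   # grab a free port number, then release it unused
        port = s.getsockname()[1]
    status, err = put_as_role("127.0.0.1", port, "/api/v1/system-settings", SETTING, role)
    return classify(status, err)


if __name__ == "__main__":
    print("correct policy  :", check_against({"admin"}))          # pass
    print("over-permissive :", check_against({"admin", "user"}))  # fail
    print("service refused :", check_service_down())              # error
```

The three runs at the bottom cover the cases a practitioner cares about: a service that denies the user role (pass), a misconfigured one that lets the user write system settings (fail), and the situation in this report, where the target is not listening at all and the result should be an inconclusive error that blocks the run rather than a Major RBAC finding.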