漏洞描述
【漏洞对象】Hadoop 【漏洞描述】Hadoop集群管理平台Ambari的后台地址/api/v1/users/admin默认口令admin:admin,攻击者可非法远程登陆管理平台,并对大数据集群的计算节点进行操作,影响大数据业务的正常进行。
Hadoop集群管理平台Ambari-默认口令
PoC代码
暂无相关漏洞推荐
- hadoop-yarn-rpc-rce: Hadoop Yarn RPC RCE
- POC ambari-default-password: Apache Ambari Default Password
- POC hadoop-disclosure: Apache Hadoop Disclosure
- POC hadoop-yarn-unauth: Hadoop Yarn Unauth
- POC ambari-default-login: Apache Ambari Default Login
- POC hadoop-unauth-rce: Apache Hadoop YARN ResourceManager - Remote Code Execution
- POC yarn-resourcemanager-rce: Apache Hadoop YARN ResourceManager - Remote Code Execution
- Apache Ambari 未授权访问
- Apache Hadoop 敏感信息存储不当漏洞
- Apache Hadoop 弱口令漏洞
- Apache Ambari < 2.7.8 XXE漏洞
- Apache Hadoop cluster 未授权访问漏洞
- Apache Ambari Metrics Consumers 远程代码执行漏洞