漏洞描述
Apache YARN ResourceManager panel was detected.
yarn-manager-exposure: Apache YARN ResourceManager Panel - Detect
PoC代码[已公开]
id: yarn-manager-exposure
info:
name: Apache YARN ResourceManager Panel - Detect
author: pdteam
severity: low
description: Apache YARN ResourceManager panel was detected.
classification:
cpe: cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: apache
product: hadoop
tags: panel,apache,yarn,exposure,discovery
http:
- method: GET
path:
- '{{BaseURL}}/cluster/cluster'
matchers:
- type: word
words:
- 'hadoop'
- 'resourcemanager'
- 'logged in as: dr.who'
condition: and
# digest: 4b0a004830460221009a42af875c53fefe27c0b1808f297db55ea9b482c4fd5443a158e507a8796682022100fa13c9528c7256bc0b5d5511c262efd969d50ffc3db0a153a57441c5500d27b4:922c64590222798bb761d5b6d8e72950