diff --git a/http/misconfiguration/apache/apache-zeppelin-unauth.yaml b/http/misconfiguration/apache/apache-zeppelin-unauth.yaml
new file mode 100644
index 0000000000..5c11025597
--- /dev/null
+++ b/http/misconfiguration/apache/apache-zeppelin-unauth.yaml
@@ -0,0 +1,42 @@
+id: apache-zeppelin-unauth
+
+info:
+  name: Apache Zeppelin - Unauthenticated Access
+  author: j4vaovo
+  severity: high
+  description: |
+     Apache Zeppelin server was able to be accessed because no authentication was required.
+  reference: |
+    - https://www.adminxe.com/2172.html
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
+    cvss-score: 8.6
+    cwe-id: CWE-285
+  metadata:
+    verified: "true"
+    shodan-query: title:"Zeppelin"
+    fofa-query: title="Zeppelin"
+  tags: misconfig,apache,zeppelin,unauth
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/api/security/ticket"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'status":"OK'
+          - '"ticket":"anonymous"'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - 'application/json'
+
+      - type: status
+        status:
+          - 200