id: ambari-exposure

info:
  name: Apache Ambari Exposure Admin Login Panel
  author: pdteam
  severity: info
  description: An Apache Ambari panel was discovered.
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cwe-id: CWE-668
    cpe: cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    product: ambari
    vendor: apache
  tags: panel,apache,ambari,exposure

http:
  - method: GET
    path:
      - '{{BaseURL}}'

    matchers:
      - type: word
        words:
          - '<title>Ambari</title>'
          - 'href="http://www.apache.org/licenses/LICENSE-2.0"'
        condition: and
# digest: 490a0046304402204acc787ea236f0c2b4073dd4042b4cac95511ea9f6e9ed03d23855b0c1c94aeb02200e69631855bfc6da502fb4eb99f610caa62e18bd66806eec5b1d32a54ece8e59:922c64590222798bb761d5b6d8e72950