id: yarn-resourcemanager-rce info: name: Apache Hadoop YARN ResourceManager - Remote Code Execution author: pdteam severity: low description: Apache Hadoop YARN ResourceManager is susceptible to remote code execution. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. reference: - https://neerajsabharwal.medium.com/hadoop-yarn-hack-9a72cc1328b6 - https://www.infosecmatter.com/nessus-plugin-library/?id=117615 tags: apache,rce metadata: max-request: 1 http: - method: POST path: - '{{BaseURL}}/ws/v1/cluster/apps/new-application' matchers-condition: and matchers: - type: word words: - application-id - maximum-resource-capability condition: and - type: status status: - 200 # Enhanced by md on 2022/10/05