id: ambari-exposure

info:
  name: Apache Ambari Exposure Admin Login Panel
  author: pdteam
  severity: info
  description: An Apache Ambari panel was discovered.
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cwe-id: CWE-668
    cpe: cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    product: ambari
    vendor: apache
  tags: panel,apache,ambari,exposure

http:
  - method: GET
    path:
      - '{{BaseURL}}'

    matchers:
      - type: word
        words:
          - '<title>Ambari</title>'
          - 'href="http://www.apache.org/licenses/LICENSE-2.0"'
        condition: and
# digest: 4a0a00473045022031735cf6b7fade6b43cda240c60cd438baed81c04d87c990d7fb254fb4300e89022100c82323053ac45945d11a88b54dac81da1e4a2910dd883732fb65a17f681919cd:922c64590222798bb761d5b6d8e72950