id: ambari-exposure

info:
  name: Apache Ambari Exposure Admin Login Panel
  author: pdteam
  severity: info
  description: An Apache Ambari panel was discovered.
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cwe-id: CWE-668
    cpe: cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: apache
    product: ambari
  tags: panel,apache,ambari,exposure

http:
  - method: GET
    path:
      - '{{BaseURL}}'

    matchers:
      - type: word
        words:
          - '<title>Ambari</title>'
          - 'href="http://www.apache.org/licenses/LICENSE-2.0"'
        condition: and
# digest: 4a0a004730450220362bb12b26421eb594dd89edeb1041feeff5130cbecd7d1e0fe803531296a5b6022100ec20001ce3e5d9025405c8c19b56814b5ea3872db9bb8a454c446602f5471eb5:922c64590222798bb761d5b6d8e72950