
Apache Storm Unauth

By kannthu

Medium
#apache #unauth #misconfig
Description

What is "Apache Storm Unauth"?

The "Apache Storm Unauth" module is designed to detect misconfigurations in Apache Storm, an open-source distributed real-time computation system. This module focuses on identifying unauthorized access vulnerabilities in Apache Storm deployments. The severity of this vulnerability is classified as medium.

Author: pikpikcu

Reference: https://storm.apache.org/releases/current/STORM-UI-REST-API.html

Impact

If the Apache Storm Unauth vulnerability is present, it could allow unauthorized individuals to gain access to sensitive information or perform unauthorized actions within the Apache Storm system. This can lead to data breaches, unauthorized data modifications, or disruption of critical services.

How does the module work?

The Apache Storm Unauth module works by sending an HTTP GET request to the "/api/v1/cluster/summary" endpoint of the Apache Storm UI REST API. It then applies matching conditions to determine if the response indicates a misconfiguration.

The matching conditions for this module are:

- The response body must contain both the words "\"totalMem\":" and "\"stormVersion\":"
- The response status code must be 200

If both conditions are met, the module will report a vulnerability indicating the presence of the Apache Storm Unauth misconfiguration.
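The matching logic described above, written out as an added example so the two conditions can be exercised against sample responses. This is illustrative code, not the module's own implementation: the `HttpResponse` type, the `matches_storm_unauth` and `evaluate` functions, and the sample bodies are constructed here. The `login_page` and `partial` samples show why the status check alone is not enough (an authenticating proxy may return a 200 HTML page) and why both words are AND-combined.

```python
import json
import urllib.request
from dataclasses import dataclass

# Matching conditions taken from the module description.
REQUIRED_WORDS = ('"totalMem":', '"stormVersion":')   # both must be present (AND)
REQUIRED_STATUS = 200
SUMMARY_PATH = "/api/v1/cluster/summary"


@dataclass
class HttpResponse:
    """Minimal stand-in for an HTTP response (hypothetical type for this example)."""
    status: int
    body: str


def matches_storm_unauth(resp: HttpResponse) -> bool:
    """Return True only when the response satisfies BOTH module conditions:
    HTTP status 200 and every required word present in the body."""
    if resp.status != REQUIRED_STATUS:
        return False
    return all(word in resp.body for word in REQUIRED_WORDS)


def fetch_summary(base_url: str, timeout: float = 5.0) -> HttpResponse:
    """Fetch the cluster summary from a Storm UI you administer.
    Not called at import time; provided so the matcher can be run against
    a real deployment during a configuration audit."""
    req = urllib.request.Request(base_url.rstrip("/") + SUMMARY_PATH, method="GET")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as r:
            return HttpResponse(r.status, r.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as e:  # non-2xx still yields a status for the matcher
        return HttpResponse(e.code, e.read().decode("utf-8", "replace"))


# Constructed sample responses (not captured from any real deployment).
SAMPLES = {
    # Unauthenticated UI returning the cluster summary JSON: should match.
    "exposed": HttpResponse(
        200,
        json.dumps({"stormVersion": "2.x-example", "totalMem": 8192.0, "slotsTotal": 4},
                   separators=(",", ":")),
    ),
    # UI behind authentication: status fails the check.
    "auth_required": HttpResponse(401, "Unauthorized"),
    # Reverse proxy serving a login page with 200: body words absent, no match.
    "login_page": HttpResponse(200, "<html><title>Sign in</title></html>"),
    # Only one of the two required words: AND condition fails, no match.
    "partial": HttpResponse(200, '{"stormVersion":"2.x-example"}'),
}


def evaluate(samples=SAMPLES) -> dict:
    """Apply the matcher to each sample and report which would be flagged."""
    return {name: matches_storm_unauth(resp) for name, resp in samples.items()}


if __name__ == "__main__":
    for name, flagged in evaluate().items():
        print(f"{name:14s} -> {'REPORT' if flagged else 'no match'}")
```

Only the `exposed` sample is reported; the other three show the response shapes a correctly secured or proxied Storm UI produces, which is the expected result when auditing your own cluster after enabling UI authentication.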

Module preview

Concurrent Requests (1)

1. HTTP Request template
   GET /api/v1/cluster/summ...

Matching conditions
   word: "totalMem":, "stormVersion": (and)
   status: 200

Passive global matcher
   No matching conditions.

On match action
   Report vulnerability