By kannthu
The "Apache Storm Unauth" module detects a misconfiguration in Apache Storm, an open-source distributed real-time computation system: a Storm UI REST API that answers without authentication. The severity of this finding is classified as medium.
Author: pikpikcu
Reference: https://storm.apache.org/releases/current/STORM-UI-REST-API.html
If the Apache Storm Unauth issue is present, unauthenticated users can read cluster information from the Storm UI and, depending on the deployment, perform actions against the cluster through the same API. This can lead to exposure of sensitive data, unauthorized changes to running topologies, or disruption of critical services.
The module works by sending an HTTP GET request to the "/api/v1/cluster/summary" endpoint of the Apache Storm UI REST API and then applying matching conditions to the response to decide whether it indicates the misconfiguration.
The matching conditions for this module are:
- The response body must contain the words "\"totalMem\":" and "\"stormVersion\":"
- The response status code must be 200
If both conditions are met, the module reports a vulnerability indicating the presence of the Apache Storm Unauth misconfiguration.
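The same two matching conditions, reimplemented as a stand-alone check you can run against your own Storm UI to confirm whether the endpoint answers without credentials. This is an added example, not the Vidoc module's own code; the base URL is supplied on the command line, and the sample responses are constructed, not captured from a real cluster.

```python
"""Reproduce the Apache Storm Unauth module's matching logic (added example)."""
import json
from urllib.error import HTTPError, URLError
import urllib.request

# The module matches on these raw substrings of the response body.
REQUIRED_MARKERS = ('"totalMem":', '"stormVersion":')
SUMMARY_PATH = "/api/v1/cluster/summary"


def matches_storm_unauth(status_code: int, body: str) -> bool:
    """True when both module conditions hold: HTTP 200 and both markers present."""
    return status_code == 200 and all(marker in body for marker in REQUIRED_MARKERS)


def storm_version(body: str):
    """Best-effort extraction of stormVersion from a JSON summary body."""
    try:
        return json.loads(body).get("stormVersion")
    except (ValueError, AttributeError):
        return None


def check_storm_ui(base_url: str, timeout: float = 5.0) -> dict:
    """Fetch the cluster summary without credentials and evaluate the response.
    Returns a result record; network failures are reported, not raised."""
    url = base_url.rstrip("/") + SUMMARY_PATH
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            status, body = resp.status, resp.read().decode("utf-8", "replace")
    except HTTPError as err:              # 401/403/404 etc.: a response, but not a match
        status, body = err.code, ""
    except (URLError, OSError) as err:    # DNS, refused, timeout: nothing to evaluate
        return {"url": url, "reachable": False, "exposed": False, "error": str(err)}
    return {"url": url, "reachable": True,
            "exposed": matches_storm_unauth(status, body),
            "version": storm_version(body) if status == 200 else None}


# Constructed sample responses for the tests below (not from a real deployment).
UNAUTH_BODY = '{"stormVersion":"2.4.0","totalMem":4096.0,"supervisors":1}'
LOGIN_BODY = "<html><body>Login required</body></html>"

if __name__ == "__main__":
    import sys
    for target in sys.argv[1:]:   # e.g. http://storm-ui.internal:8080
        print(check_storm_ui(target))
```

An `exposed: True` result means the UI should be placed behind authentication or a network boundary; a 401/403 from the endpoint means the two conditions fail and no finding is reported.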