Unauthenticated Spark WebUI

By kannthu

Medium
Vidoc Module
#unauth #vulhub #spark
Description

What is the "Unauthenticated Spark WebUI" module?

The "Unauthenticated Spark WebUI" module is designed to detect a misconfiguration vulnerability in the Spark WebUI, a web-based user interface for Apache Spark. This module focuses on identifying instances where the Spark WebUI is accessible without authentication, potentially exposing sensitive information to unauthorized users. The severity of this vulnerability is classified as medium.

Impact

If the Spark WebUI is accessible without authentication, an attacker could gain unauthorized access to the interface and potentially exploit or manipulate the Apache Spark cluster. This could lead to unauthorized data access, data manipulation, or disruption of the cluster's operations.

How does the module work?

The "Unauthenticated Spark WebUI" module works by sending HTTP requests to the target system and analyzing the responses for specific patterns. It checks for a status code of 200 and looks for the presence of the following strings in the response body:

<title>Spark Master at spark://
<strong>URL:</strong>

If both conditions are met, the module considers the Spark WebUI to be accessible without authentication and reports it as a potential misconfiguration vulnerability.
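
The matcher logic described above, as an added Python example (not Vidoc's module code). The function names, the audit helper and the sample responses are assumptions constructed for illustration; the title word is treated as a prefix because a real master page continues with the master's host and port.

```python
"""Offline re-implementation of the matcher described above (added example)."""
import urllib.error
import urllib.request

# Both words must be present (AND), together with HTTP 200.
# The title word is a prefix: the real page continues with host:port.
REQUIRED_WORDS = ("<title>Spark Master at spark://", "<strong>URL:</strong>")


def matches(status: int, body: str) -> bool:
    """True when the response has status 200 AND contains every required word."""
    return status == 200 and all(word in body for word in REQUIRED_WORDS)


def audit(url: str, timeout: float = 5.0) -> bool:
    """Hypothetical helper: fetch a URL from your own inventory, no credentials."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return matches(resp.status, resp.read(65536).decode("utf-8", "replace"))
    except (urllib.error.URLError, OSError):
        return False  # 401/403, refused or timed out: not openly reachable


# Constructed sample responses (not captured from a real cluster).
SAMPLES = {
    "open master": (200, "<html><head><title>Spark Master at spark://10.0.0.5:7077"
                         "</title></head><body><li><strong>URL:</strong> "
                         "spark://10.0.0.5:7077</li></body></html>"),
    "behind auth proxy": (401, "<title>401 Unauthorized</title>"),
    "login page, 200": (200, "<title>Sign in</title><form action='/login'>"),
    "title only": (200, "<title>Spark Master at spark://10.0.0.5:7077</title>"),
}


def classify_samples() -> dict:
    """Apply the matcher to every constructed sample."""
    return {name: matches(status, body) for name, (status, body) in SAMPLES.items()}


if __name__ == "__main__":
    for name, hit in classify_samples().items():
        print(f"{name:20} -> {'REPORT' if hit else 'no match'}")
```

Only the first sample is reported: a 401 from an authenticating proxy, a 200 login page, and a page carrying just one of the two words all fail the AND condition.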

Module preview

Concurrent Requests (0)
Passive global matcher
status: 200 and
word: <title>Spark Master at spark://, <strong...
On match action
Report vulnerability