Description
The Hadoop cluster web interface is publicly accessible. This is not recommended on production systems.
Remediation
It's recommended to restrict access to this web interface.
References
Raining Shells - Ambari "0-day"
Hadoop MapReduce Next Generation - Setting up a Single Node Cluster.
Related Vulnerabilities
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4298)
WordPress Plugin iThemes Security (formerly Better WP Security) Multiple Vulnerabilities (3.6.3)
Express cookie-session weak secret key
Apache Tomcat version older than 7.0.28
XWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32731)