Description
The Hadoop cluster web interface is publicly accessible. This is not recommended on production systems.
Remediation
It's recommended to restrict access to this web interface.
References
Raining Shells - Ambari "0-day"
Hadoop MapReduce Next Generation - Setting up a Single Node Cluster.
Related Vulnerabilities
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.19)
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.14)
WordPress Plugin IgniteUp-Coming Soon and Maintenance Mode Multiple Vulnerabilities (3.4)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4300)
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-2327)