Sensitive Data: Apache Kylin Console - Default Login¶

Identifier: kylin_default_login

Scanner(s) Support¶

Description¶

The default password for the Apache Kylin Console is KYLIN for the ADMIN user in Kylin versions before 3.0.0.

Reference:

• https://github.com/hanc00l/pocGoby2Xray/blob/main/xraypoc/Apache_Kylin_Console_Default_password.yml
• https://github.com/Wker666/Demo/blob/main/script/%E6%BC%8F%E6%B4%9E%E6%8E%A2%E6%B5%8B/Kylin/Apache%20Kylin%20Console%20%E6%8E%A7%E5%88%B6%E5%8F%B0%E5%BC%B1%E5%8F%A3%E4%BB%A4.wker

Configuration¶

Example¶

Example configuration:

---
security_tests:
  kylin_default_login:
    assets_allowed:
    - REST
    - GRAPHQL
    - WEBAPP
    skip: false

Reference¶

assets_allowed¶

Type : List[AssetType]*

List of assets that this check will cover.

skip¶

Type : boolean

Skip the test if true.