Skip to content

Sensitive Data: Apache Apollo - Default Login

Identifier: apache_apollo_default_login

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner ASM Scanner

Description

Apache Apollo message broker management interface may be accessible with default credentials, allowing unauthorized access to message queue configuration, monitoring, and administrative functions.

How we test: We attempt to authenticate to the Apache Apollo interface using common default username and password combinations. If authentication succeeds, we report the vulnerability.

Configuration

Example

Example configuration:

---
security_tests:
  apache_apollo_default_login:
    skip: false

Reference

skip

Type : boolean

Skip the test if true.