
OpenMetadata Scanner
This scanner detects OpenMetadata instances that disclose administrative user information through an exposed configuration API endpoint.
Short Info
Level: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 26 days 9 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox: -
OpenMetadata is an open-source data cataloging and governance platform that organizations use to manage metadata from many systems in one place. By tracking data lineage, usage, and quality, it helps data engineers, analysts, and scientists understand where data comes from and how it is used, and it supports data governance and compliance with data regulations. It integrates with a wide range of data sources to provide unified metadata management: users register the metadata of different systems and query it to make informed decisions. It is deployed mainly in data-centric industries, where it is often a central component of the data platform.
This detection scanner identifies OpenMetadata instances affected by a user enumeration weakness: an API endpoint that returns the names of administrative users. The scanner requests the endpoint and inspects the response for keywords and JSON structures that indicate admin accounts are listed. When the endpoint answers without proper authorization, it leaks account names that should not be reachable anonymously. The scanner reports these exposures so that the misconfiguration can be corrected before it is used for further attacks.
The weakness lies in the authorizer configuration settings that OpenMetadata serves through an API endpoint. The response reveals admin user information that should remain confidential. The scanner inspects the response body for the JSON elements "adminPrincipals" and "principalDomain"; the presence of both indicates an information disclosure. The root cause is typically missing or misconfigured access control on the endpoint, so that it answers unauthenticated requests. The scanner combines a word matcher (on the JSON elements) and a status code matcher (HTTP 200) and reports a finding only when both conditions hold, which reduces false positives from responses that merely echo the keywords. Identifying these exposures lets organizations close them before they are used for unauthorized access.
Exploiting the detected weakness can lead to unauthorized access to administrative functionality. An attacker who learns the admin user names and the principal domain can mount targeted attacks such as phishing or credential brute-forcing against those accounts, since the username half of the login is already known. A successful compromise of an admin account gives control over the metadata platform and the data sources it describes, compromising data integrity and confidentiality. Organizations may also face compliance issues if regulatory standards on data protection are violated by such exposures, and reputational damage if stakeholders lose trust in their data governance. Preventing these risks requires restricting access to the exposed endpoint promptly.
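The following Python script is an added example of the detection logic described above, written for this page; it is not the scanner's own code or part of OpenMetadata. It applies the two matchers (HTTP 200 status and the "adminPrincipals" and "principalDomain" elements in a JSON body) to a constructed sample response, then parses the body so the disclosed admin names can be reported rather than only flagged. The endpoint path in AUTHORIZER_CONFIG_PATH is an assumption drawn from the OpenMetadata API layout and is not stated on this page; the sample response values are invented.

```python
import json
import urllib.error
import urllib.request

# Assumed endpoint path (not named on the page); adjust if your deployment differs.
AUTHORIZER_CONFIG_PATH = "/api/v1/system/config/authorizer"

# Constructed sample response (status, body) modelled on an authorizer config
# answer. The values are made up for this example.
SAMPLE_RESPONSE = (200, """{
  "className": "org.openmetadata.service.security.DefaultAuthorizer",
  "containerRequestFilter": "org.openmetadata.service.security.JwtFilter",
  "adminPrincipals": ["admin", "data-platform-ops"],
  "principalDomain": "example.com",
  "enforcePrincipalDomain": false
}""")


def check_admin_disclosure(status, body):
    """Apply the two matchers from the page: status code 200 AND both JSON keys.

    Returns a dict with 'vulnerable' plus the disclosed admin principals and
    principal domain, so a report can name what leaked.
    """
    result = {"vulnerable": False, "admin_principals": [], "principal_domain": None}

    # Status code matcher: a 401/403 means the endpoint is protected.
    if status != 200:
        return result

    # Word matcher: both keywords must appear in the raw body.
    if "adminPrincipals" not in body or "principalDomain" not in body:
        return result

    # Structural confirmation: the keywords must come from a real JSON object
    # with an adminPrincipals list, not from an HTML page that merely mentions them.
    try:
        data = json.loads(body)
    except json.JSONDecodeError:
        return result
    admins = data.get("adminPrincipals")
    if not isinstance(admins, list):
        return result

    result["vulnerable"] = True
    result["admin_principals"] = [str(a) for a in admins]
    result["principal_domain"] = data.get("principalDomain")
    return result


def probe(base_url, timeout=10):
    """Fetch the assumed endpoint anonymously and run the check.

    Use only against instances you are authorized to test. On a correctly
    secured instance the request should be rejected with 401 or 403.
    """
    url = base_url.rstrip("/") + AUTHORIZER_CONFIG_PATH
    req = urllib.request.Request(url, headers={"Accept": "application/json"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return check_admin_disclosure(resp.status, resp.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as e:
        # HTTPError carries the status and body of non-2xx answers.
        return check_admin_disclosure(e.code, e.read().decode("utf-8", "replace"))


if __name__ == "__main__":
    finding = check_admin_disclosure(*SAMPLE_RESPONSE)
    if finding["vulnerable"]:
        print("Admin user disclosure: principals=%s domain=%s"
              % (finding["admin_principals"], finding["principal_domain"]))
    else:
        print("No disclosure detected")
```

Run with no arguments to see the check applied to the embedded sample; call probe("https://metadata.example.internal") to test a live instance you own. Requiring the 200 status, both keywords, and a parseable adminPrincipals list is what keeps the check from firing on documentation pages or error bodies that happen to contain the same words.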