CVE-2022-33891

The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to perform impersonation by providing an arbitrary user name. A malicious user might then be able to reach a permission check function that will ultimately build a Unix shell command based on their input, and execute it. This will result in arbitrary shell command execution as the user Spark is currently running as. This affects Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:spark:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:spark:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:spark:*:*:*:*:*:*:*:*

History

02 Aug 2023, 17:21

Type Values Removed Values Added
References (MLIST) http://www.openwall.com/lists/oss-security/2023/05/02/1 - Mailing List (MLIST) http://www.openwall.com/lists/oss-security/2023/05/02/1 - Mailing List, Third Party Advisory

21 Jul 2023, 17:47

Type Values Removed Values Added
CWE CWE-77 CWE-78
References (MLIST) http://www.openwall.com/lists/oss-security/2023/05/02/1 - (MLIST) http://www.openwall.com/lists/oss-security/2023/05/02/1 - Mailing List

02 May 2023, 15:15

Type Values Removed Values Added
References
  • (MLIST) http://www.openwall.com/lists/oss-security/2023/05/02/1 -

27 Oct 2022, 20:46

Type Values Removed Values Added
References (MISC) http://packetstormsecurity.com/files/168309/Apache-Spark-Unauthenticated-Command-Injection.html - (MISC) http://packetstormsecurity.com/files/168309/Apache-Spark-Unauthenticated-Command-Injection.html - Exploit, Third Party Advisory, VDB Entry

08 Sep 2022, 17:15

Type Values Removed Values Added
References
  • (MISC) http://packetstormsecurity.com/files/168309/Apache-Spark-Unauthenticated-Command-Injection.html -

25 Jul 2022, 13:25

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.8
CPE cpe:2.3:a:apache:spark:*:*:*:*:*:*:*:*
CWE CWE-77
References (CONFIRM) https://lists.apache.org/thread/p847l3kopoo5bjtmxrcwk21xp6tjxqlc - (CONFIRM) https://lists.apache.org/thread/p847l3kopoo5bjtmxrcwk21xp6tjxqlc - Mailing List, Third Party Advisory
First Time Apache
Apache spark

18 Jul 2022, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-07-18 07:15

Updated : 2023-12-10 14:35


NVD link : CVE-2022-33891

Mitre link : CVE-2022-33891

CVE.ORG link : CVE-2022-33891


JSON object : View

Products Affected

apache

  • spark
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')