Apache Spark < 3.0.3 / 3.1.1 < 3.1.2 Remote Command Injection

Severity: High | Web App Scanning Plugin ID 113343

Synopsis

Apache Spark < 3.0.3 / 3.1.1 < 3.1.2 Remote Command Injection

Description

Apache Spark UI versions < 3.0.3 and 3.1.1 < 3.1.2 with ACLs enabled on the server instance perform insufficient sanitization of parameters that are subsequently used in a permissions check, which may allow an attacker to inject arbitrary shell commands that run with the permissions of the Spark user.

Solution

Upgrade to Apache Spark 3.1.3, 3.2.2, 3.3.0 or later.

See Also

http://packetstormsecurity.com/files/168309/Apache-Spark-Unauthenticated-Command-Injection.html

https://lists.apache.org/thread/p847l3kopoo5bjtmxrcwk21xp6tjxqlc

Plugin Details

Severity: High

ID: 113343

Type: remote

Published: 9/26/2022

Updated: 12/19/2022

Scan Template: basic, full, pci, scan

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2022-33891

CVSS v3

Risk Factor: High

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS Score Source: CVE-2022-33891

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

CISA Known Exploited Vulnerability Due Dates: 3/28/2023

Reference Information

CVE: CVE-2022-33891