| Vulnerability Name: | CVE-2020-9480 (CCN-183858) | ||||||||||||
| Assigned: | 2020-06-22 | ||||||||||||
| Published: | 2020-06-22 | ||||||||||||
| Updated: | 2022-04-26 | ||||||||||||
| Summary: | In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication (spark.authenticate) via a shared secret. When enabled, however, a specially-crafted RPC to the master can succeed in starting an application's resources on the Spark cluster, even without the shared key. This can be leveraged to execute shell commands on the host machine. This does not affect Spark clusters using other resource managers (YARN, Mesos, etc). | ||||||||||||
| CVSS v3 Severity: | 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
| ||||||||||||
| Vulnerability Type: | CWE-306 | ||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2020-9480 Source: XF Type: UNKNOWN apache-cve20209480-cmd-exec(183858) Source: MLIST Type: Mailing List, Vendor Advisory [spark-user] 20200803 Re: CVE-2020-9480: Apache Spark RCE vulnerability in auth-enabled standalone master Source: MLIST Type: Mailing List, Vendor Advisory [doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5593: [FE][Bug] Update Spark version to fix a security issue Source: MLIST Type: Exploit, Mailing List, Vendor Advisory [submarine-commits] 20201209 [GitHub] [submarine] QiAnXinCodeSafe opened a new issue #475: There is a vulnerability in Apache Spark 2.3.4,upgrade recommended Source: MLIST Type: Mailing List, Vendor Advisory [spark-dev] 20200803 Re: CVE-2020-9480: Apache Spark RCE vulnerability in auth-enabled standalone master Source: CCN Type: oss-sec Mailing List, Mon, 22 Jun 2020 16:50:17 -0500 CVE-2020-9480: Apache Spark RCE vulnerability in auth-enabled standalone master Source: CCN Type: Apache Spark Web site Apache Spark Source: CONFIRM Type: Vendor Advisory https://spark.apache.org/security.html#CVE-2020-9480 Source: CCN Type: IBM Security Bulletin 6320357 (Operations Analytics Predictive Insights) A vulnerability in Apache Spark 2.4.5 and earlier affects IBM Operations Analytics Predictive Insights (CVE-2020-9480) Source: CCN Type: IBM Security Bulletin 6323691 (ICP Discovery) IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Spark Source: CCN Type: Oracle Critical Patch Update Advisory - April 2021 Oracle Critical Patch Update Advisory - April 2021 Source: MISC Type: Patch, Third Party Advisory https://www.oracle.com/security-alerts/cpuApr2021.html Source: CCN Type: WhiteSource Vulnerability Database CVE-2020-9480 | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||