ID CVE-2018-8024
Summary In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible for a malicious user to construct a URL pointing to a Spark cluster's UI's job and stage info pages, and if a user can be tricked into accessing the URL, can be used to cause script to execute and expose information from the user's view of the Spark UI.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
Last major update 12-07-2018 - 09:29
Published 12-07-2018 - 09:29
Last modified 12-07-2018 - 09:29
Back to Top