Authentication Bypass by Capture-replay in Apache Spark

🗓️ 11 Mar 2022 00:36:02Reported by GitHub Advisory DatabaseType

Authentication Bypass in Apache Spar

Reporter	Title	Published	Views	Family All 12
OSV	PYSEC-2022-186	10 Mar 202209:15	–	osv
OSV	BIT-spark-2021-38296	6 Mar 202411:05	–	osv
OSV	Authentication Bypass by Capture-replay in Apache Spark	11 Mar 202200:02	–	osv
OSV	CVE-2021-38296	10 Mar 202209:15	–	osv
Veracode	Information Disclosure	11 Mar 202210:49	–	veracode
CNVD	Apache Spark Encryption Problem Vulnerability (CNVD-2022-21823)	11 Mar 202200:00	–	cnvd
Cvelist	CVE-2021-38296 Apache Spark Key Negotiation Vulnerability	10 Mar 202208:20	–	cvelist
Prion	Authentication flaw	10 Mar 202209:15	–	prion
NVD	CVE-2021-38296	10 Mar 202209:15	–	nvd
CVE	CVE-2021-38296	10 Mar 202209:15	–	cve

Vulners

Node

pysparkRange<3.1.3

org.apache.spark spark\-coreRange<3.1.3

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-38296
lists	www.lists.apache.org/thread/70x8fw2gx3g9ty7yk0f2f1dlpqml2smd
github	www.github.com/pypa/advisory-database/tree/main/vulns/pyspark/PYSEC-2022-186.yaml
oracle	www.oracle.com/security-alerts/cpujul2022.html
github	www.github.com/advisories/GHSA-9rr6-jpg7-9jg6

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

11 Mar 2022 00:02Current

7.7High risk

Vulners AI Score7.7

CVSS25

CVSS37.5

EPSS0.00054

CWE-294