Lucene search
K

9 matches found

Nuclei
Nuclei
added 18 hours ago60 views

Apache Spark - Authentication Bypass

In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication spark.authenticate via a shared secret. When enabled, however, a specially-crafted RPC to the master can succeed in starting an application's resources on the Spark cluster, even...

9.8CVSS6.9AI score0.29157EPSS
Exploits0References2
Circl
Circl
added 2025/08/15 4:40 p.m.16 views

CVE-2020-9480

creationtimestamp| type| source ---|---|--- 2025-08-15 16:40:05+00:00| seen| https://t.me/truesecator/7335 2025-10-01 21:02:26+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m25wrr2t7b23...

9.8CVSS7.6AI score0.29157EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2022/02/10 11:5 p.m.5 views

analytics-zoo (>=0.2.0 <=0.10.0), azureml-webservice-schema (>=0.1.57 <=1.0.33) +33 more potentially affected by CVE-2020-9480 via pyspark (>=2.1.2 <=2.4.5)

pyspark PYPI version =2.1.2, =0.2.0, =0.1.57, =0.11.0, =0.1.2, =0.1.0, =1.0.0, =0.8.0, =0.2.1, =0.2.64 - intake-hive =0.1.0 - j11hail =0.2.53 - jmetalpy =0.9.0 - md2k-cerebral-cortex =3.0.0 and more Source cves: CVE-2020-9480 Source advisory: OSV:GHSA-WGX7-JWWM-CGJV...

9.8CVSS6.9AI score0.29157EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2020/11/05 12:0 a.m.14 views

Apache Spark Remote Code Execution (CVE-2020-9480)

A remote code execution vulnerability exists in Apache Spark. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.6AI score0.29157EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2020/10/13 8:19 p.m.31 views

CVE-2020-9480

In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication spark.authenticate via a shared secret. When enabled, however, a specially-crafted RPC to the master can succeed in starting an application's resources on the Spark cluster, even...

9.3CVSS2.7AI score0.29157EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/29 8:59 a.m.27 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Spark

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Apache Spark. Vulnerability Details CVEID: CVE-2020-9480 DESCRIPTION: Apache Spark could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw when authentication is enabled on...

9.8CVSS1.8AI score0.29157EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/21 7:32 p.m.28 views

Security Bulletin: A vulnerability in Apache Spark 2.4.5 and earlier affects IBM Operations Analytics Predictive Insights (CVE-2020-9480)

Summary Apache Spark is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVE. See the Remediation/Fixes section and apply the recommended fixes. Vulnerability Details CVEID: CVE-2020-9480 DESCRIPTION: Apache Spark coul...

9.8CVSS1.7AI score0.29157EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2020/06/23 10:15 p.m.6 views

analytics-zoo (>=0.2.0 <=0.10.0), azureml-webservice-schema (>=0.1.57 <=1.0.33) +33 more potentially affected by CVE-2020-9480 via pyspark (>=2.1.2 <=2.4.5)

pyspark PYPI version =2.1.2, =0.2.0, =0.1.57, =0.11.0, =0.1.2, =0.1.0, =1.0.0, =0.8.0, =0.2.1, =0.2.64 - intake-hive =0.1.0 - j11hail =0.2.53 - jmetalpy =0.9.0 - md2k-cerebral-cortex =3.0.0 and more Source cves: CVE-2020-9480 Source advisory: OSV:PYSEC-2020-95...

9.8CVSS6.9AI score0.29157EPSS
Exploits0
CVE
CVE
added 2020/06/23 9:50 p.m.188 views

CVE-2020-9480

The CVE-2020-9480 issue affects Apache Spark 2.4.5 and earlier, where a standalone resource manager master configured with spark.authenticate can still be exploited by a crafted RPC to start applications’ resources and run arbitrary shell commands on the host. The vulnerability arises when authen...

9.8CVSS9.4AI score0.29157EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder