CVE-2021-38296 – pyspark

Package

Manager: pip
Name: pyspark
Vulnerable Version: >=0 <3.1.3

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.0088 pctl0.74491

Details

Authentication Bypass by Capture-replay in Apache Spark Apache Spark supports end-to-end encryption of RPC connections via "spark.authenticate" and "spark.network.crypto.enabled". In versions 3.1.2 and earlier, it uses a bespoke mutual authentication protocol that allows for full encryption key recovery. After an initial interactive attack, this would allow someone to decrypt plaintext traffic offline. Note that this does not affect security mechanisms controlled by "spark.authenticate.enableSaslEncryption", "spark.io.encryption.enabled", "spark.ssl", "spark.ui.strictTransportSecurity". Update to Apache Spark 3.1.3 or later

Metadata

Created: 2022-03-11T00:02:36Z
Modified: 2024-10-25T20:49:39Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/03/GHSA-9rr6-jpg7-9jg6/GHSA-9rr6-jpg7-9jg6.json
CWE IDs: ["CWE-294"]
Alternative ID: GHSA-9rr6-jpg7-9jg6
Finding: F115
Auto approve: 1