Is CVE-2022-33891 patched on this host?

/static/assets/linux-logo.svg
Apache Spark configured with spark.acls.enable set to true is vulnerable to remote code execution via the doAs paramater. This TTP attempts to access the doAs paramater, if it does successfully then it will attempt to run a shell command. This exploit is very easy to use, reliable and effects many Apache Spark versions.
locked
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.

Login

Test this TTP

Download Operator (1.7.0)