
CVE-2022-33891: Apache Spark shell command injection vulnerability via Spark UI

KEV · EPSS 93.51% · P100

I. Basic Information for CVE-2022-33891

Vulnerability Information


Vulnerability Title
Apache Spark shell command injection vulnerability via Spark UI
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to perform impersonation by providing an arbitrary user name. A malicious user might then be able to reach a permission check function that will ultimately build a Unix shell command based on their input, and execute it. This will result in arbitrary shell command execution as the user Spark is currently running as. This affects Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1.
Source: NVD (National Vulnerability Database)
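A defender-side check for this record, added here as an example and not code from the page or from Apache Spark: it tests a Spark version string against the affected ranges quoted in the description above, and scans constructed access-log lines for Spark UI requests whose doAs parameter (the impersonation input named in the public PoC titles below) holds anything other than a plain user name. The log format, the request regex and the allowed user-name character set are assumptions.

```python
"""Defender-side checks for CVE-2022-33891 (added example, not from the page)."""
import re
from urllib.parse import urlsplit, parse_qs

# Affected ranges exactly as stated in the NVD description:
# 3.0.3 and earlier, 3.1.1 to 3.1.2, and 3.2.0 to 3.2.1 (inclusive).
AFFECTED_RANGES = [((0, 0, 0), (3, 0, 3)), ((3, 1, 1), (3, 1, 2)), ((3, 2, 0), (3, 2, 1))]


def parse_version(text):
    """Turn '3.1.2' (optionally with a suffix such as '-SNAPSHOT') into an int tuple."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised Spark version: {text!r}")
    return tuple(int(x) for x in m.groups())


def is_affected_version(text):
    """True if the version falls inside any of the affected ranges above."""
    v = parse_version(text)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


# A legitimate user name never needs shell metacharacters, so a doAs value
# outside this (assumed) character set is worth an alert rather than a decode.
SAFE_USER = re.compile(r"^[A-Za-z0-9._@-]+$")
# Assumed common-log-format request field, e.g. "GET /jobs/?doAs=alice HTTP/1.1".
REQ_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/\d\.\d"')


def suspicious_doas_requests(log_lines):
    """Return (client_ip, decoded doAs value) for requests whose doAs is not a plain user name."""
    hits = []
    for line in log_lines:
        m = REQ_RE.search(line)
        if not m:
            continue
        # parse_qs percent-decodes, so encoded metacharacters are caught as well.
        query = parse_qs(urlsplit(m.group(1)).query, keep_blank_values=True)
        for value in query.get("doAs", []):
            if not SAFE_USER.match(value):
                hits.append((line.split()[0], value))
    return hits


# Constructed sample access-log lines (not real traffic); the second carries backticks.
SAMPLE_LOG = [
    '10.0.0.5 - - [18/Jul/2022:10:01:02 +0000] "GET /?doAs=alice HTTP/1.1" 200 512',
    '10.0.0.9 - - [18/Jul/2022:10:01:05 +0000] "GET /jobs/?doAs=%60id%60 HTTP/1.1" 403 0',
    '10.0.0.5 - - [18/Jul/2022:10:01:07 +0000] "GET /environment/ HTTP/1.1" 200 2048',
]
```

The version check only encodes the ranges NVD lists, so a build such as 3.1.0 that the description does not name is reported as unaffected; confirm against the vendor advisory before relying on it.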
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
Improper neutralization of special elements used in an OS command (OS command injection)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apache Spark operating system command injection vulnerability
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apache Spark is a large-scale data processing engine from the Apache Software Foundation (USA) that supports acyclic data flow and in-memory computing. Apache Spark has an operating system command injection vulnerability caused by incorrect input validation in the ACL feature of the Apache Spark UI. A remote attacker can exploit this vulnerability by requesting a specially crafted URL to execute arbitrary operating system commands on the target system.
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)


Affected Products

Vendor: Apache Software Foundation
Product: Apache Spark
Affected Versions: 3.0.3 and earlier (up to 3.0.3)
CPE: -

II. Public POCs for CVE-2022-33891

# | POC Description | Source Link

1. cve-2022-33891-poc: https://github.com/W01fh4cker/cve-2022-33891
2. Apache Spark Shell Command Injection Vulnerability: https://github.com/HuskyHacks/cve-2022-33891
3. Apache Spark Command Injection PoC Exploit for CVE-2022-33891: https://github.com/west-wind/CVE-2022-33891
4. (no description): https://github.com/AkbarTrilaksana/cve-2022-33891
5. Apache Spark RCE: https://github.com/llraudseppll/cve-2022-33891
6. 「💥」CVE-2022-33891 - Apache Spark Command Injection: https://github.com/AmoloHT/CVE-2022-33891
7. CVE-2022-33891 Exploit For Apache Spark: https://github.com/DrLinuxOfficial/CVE-2022-33891
8. Apache Spark RCE - CVE-2022-33891: https://github.com/Vulnmachines/Apache-spark-CVE-2022-33891
9. For CVE-2022-33891 Apache Spark: Emulation and Detection by West Shepherd: https://github.com/ps-interactive/lab_security_apache_spark_emulation_detection
10. (no description): https://github.com/IMHarman/CVE-2022-33891
11. (no description): https://github.com/elsvital/cve-2022-33891-fix
12. A PoC exploit for CVE-2022-33891 - Apache Spark UI Remote Code Execution (RCE): https://github.com/K3ysTr0K3R/CVE-2022-33891-EXPLOIT
13. PoC for CVE-2022-33891: https://github.com/nanaao/CVE-2022-33891
14. (no description): https://github.com/asepsaepdin/CVE-2022-33891
15. Apache Spark UI is susceptible to remote command injection. ACLs can be enabled via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow impersonation by providing an arbitrary user name. An attacker can potentially reach a permission check function that will ultimately build a Unix shell command based on input and execute it, resulting in arbitrary shell command execution. Affected versions are 3.0.3 and earlier, 3.1.1 to 3.1.2, and 3.2.0 to 3.2.1. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-33891.yaml
16. (no description): https://github.com/Threekiii/Awesome-POC/blob/master/%E5%BC%80%E5%8F%91%E6%A1%86%E6%9E%B6%E6%BC%8F%E6%B4%9E/Apache%20Spark%20doAs%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2022-33891.md

III. Intelligence Information for CVE-2022-33891


Same Patch Batch · Apache Software Foundation · 2022-07-18 · 3 CVEs total

CVE-2022-35741: Apache CloudStack SAML Single Sign-On XXE
CVE-2022-36127: Service unavailability impact in NodeJS agent (version <= 0.5.0)

IV. Related Vulnerabilities

V. Comments for CVE-2022-33891
