Experts Detail New Flaws in Azure HDInsight Spark, Kafka, and Hadoop Services
Experts Detail New Flaws in Azure HDInsight Spark, Kafka, and Hadoop Services
06 February 2024
Three new security vulnerabilities have been discovered in Azure HDInsight's Apache Hadoop, Kafka, and Spark services that could be exploited to achieve privilege escalation and a regular expression denial-of-service (ReDoS) condition.
"The new vulnerabilities affect any authenticated user of Azure HDInsight services such as Apache Ambari and Apache Oozie," Orca security