VDB

GCVE-110-CLOUD-2022-0028

GCVE-110-CLOUD-2022-0028
Advisory Published
Vulnetix · Advisory published June 13, 2022
Tenable Research discovered a privilege escalation flaw that allows a user to escalate privileges to that of the root user within the context of a Spark VM. They also discovered a separate flaw that allows a user to poison the hosts file on all nodes in their Spark pool, which would allow an attacker to redirect subsets of traffic and snoop on services users generally do not have access to.

Affected Products

VendorProductVersionsPlatforms
AzureSynapse Analytics
AzureSynapse

References

advisory
advisory
advisory

Browse GCVE Records

73,442 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›