http/misconfiguration/apache-spark-env.yaml

id: apache-spark-env

info:
  name: Apache Spark Environment - Exposure
  author: 0x_Akoko
  severity: medium
  description: |
    Detected Apache Spark Web UI exposed environment variables and application information without authentication, potentially revealing sensitive configuration details.
  reference:
    - https://spark.apache.org/docs/latest/monitoring.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cwe-id: CWE-200
  metadata:
    verified: true
    max-request: 2
    shodan-query: http.title:"Spark" http.html:"Environment"
  tags: apache,spark,missconfig,environment,bigdata

http:
  - method: GET
    path:
      - "{{BaseURL}}/api/v1/applications"
      - "{{BaseURL}}/environment/"

    stop-at-first-match: true

    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains_all(body, "Spark", "Java")'
          - 'contains_any(body, "sparkProperties", "appSparkVersion", "Runtime Information", "Spark Properties", "spark.app.name", "sparkUser")'
        condition: and
# digest: 490a00463044022078924ea1f80ad9044d298b2fc19bde312887fdf1adee260d521984c67ea45e5a02207dc1f787ff35c335bb3aec138f058b9d30eb62dfc31ec239d331f67e24c53fbf:922c64590222798bb761d5b6d8e72950
Create apache-spark-env.yaml 2026-01-13 08:48:44 +09:00			`id: apache-spark-env`

			`info:`
Update apache-spark-env.yaml 2026-01-14 12:09:50 +05:30			`name: Apache Spark Environment - Exposure`
Create apache-spark-env.yaml 2026-01-13 08:48:44 +09:00			`author: 0x_Akoko`
			`severity: medium`
			`description: \|`
			`Detected Apache Spark Web UI exposed environment variables and application information without authentication, potentially revealing sensitive configuration details.`
			`reference:`
			`- https://spark.apache.org/docs/latest/monitoring.html`
			`classification:`
			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N`
			`cvss-score: 5.3`
			`cwe-id: CWE-200`
			`metadata:`
			`verified: true`
Update apache-spark-env.yaml 2026-01-14 12:09:50 +05:30			`max-request: 2`
Create apache-spark-env.yaml 2026-01-13 08:48:44 +09:00			`shodan-query: http.title:"Spark" http.html:"Environment"`
			`tags: apache,spark,missconfig,environment,bigdata`

			`http:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/api/v1/applications"`
			`- "{{BaseURL}}/environment/"`

			`stop-at-first-match: true`

			`matchers:`
			`- type: dsl`
			`dsl:`
			`- 'status_code == 200'`
			`- 'contains_all(body, "Spark", "Java")'`
			`- 'contains_any(body, "sparkProperties", "appSparkVersion", "Runtime Information", "Spark Properties", "spark.app.name", "sparkUser")'`
			`condition: and`
chore: sign templates 🤖 2026-01-14 06:50:30 +00:00			`# digest: 490a00463044022078924ea1f80ad9044d298b2fc19bde312887fdf1adee260d521984c67ea45e5a02207dc1f787ff35c335bb3aec138f058b9d30eb62dfc31ec239d331f67e24c53fbf:922c64590222798bb761d5b6d8e72950`