Experts Detail New Flaws in Azure HDInsight Spark, Kafka, and Hadoop Services
February 6, 2024 at 10:10AM Three new security vulnerabilities have been identified in Azure HDInsight’s Apache Hadoop, Kafka, and Spark services, enabling privilege escalation and denial-of-service attacks. Specific flaws include XML External Entity Injection Elevation of Privilege and Java Database Connectivity Injection Elevation of Privilege. Microsoft has released fixes following responsible disclosure. Orca previously found … Read more