Server-side request forgery (ssrf) in Azure Databricks allows an unauthorized attacker to elevate privileges over a network.
The SSRF class vulnerability (CWE-918) involves a server-side application executing network requests based on data controlled by an attacker, without proper validation. In the case of Azure Databricks, an unauthenticated network attacker can craft requests directed to internal resources within the cloud environment. Exploiting this vulnerability leads to privilege escalation, potentially giving the attacker access to resources and data unavailable to regular users. The attack vector is network-based, with no authentication requirement (PR:N) and no user interaction (UI:N), which means full remote exploitation.
An attacker can gain full control over Azure Databricks environment resources, including confidentiality, integrity, and availability of data — all three dimensions rated as HIGH with extended attack scope (S:C). In practice, this means the possibility of unauthorized access to internal services, data theft, and potential takeover of infrastructure control.
Apply patches available from the vendor according to references: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33107. It is recommended to immediately monitor Microsoft Security Response Center communications and apply updates promptly upon release. Additionally, it is advisable to restrict network access to Azure Databricks environments only to trusted sources and monitor outgoing traffic from instances for anomalies.
Microsoft Azure Databricks — versions indicated in vendor references (Microsoft Security Response Center).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HMicrosoft Azure Databricks
APPMicrosoftwszystkie wersje
Related vulnerabilities
Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów
RCE przez deserializację niezaufanych danych w Microsoft SharePoint Server
RCE w Windows Server Update Service (WSUS) — deserializacja danych
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
RCE przez deserialization w Microsoft SharePoint Server (on-premises)