Workload misconfigurations

Apache Spark configuration without authentication

Risk Level

Informational (4)

Platform(s)
  • N/A

Description

We have detected an Apache Spark configuration file on the system which doesn't support authentication. This could allow unwanted users to easily gain access to the application and its data.
  • Recommended Mitigation

    Add authentication support to the 'spark-defaults.conf' file