Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
Server-side request forgery (ssrf) in Azure Databricks allows an unauthorized attacker to elevate privileges over a network.
AnalysisAI
Server-side request forgery in Azure Databricks enables unauthenticated remote attackers to achieve full privilege escalation with critical impact across confidentiality, integrity, and availability. The vulnerability carries a maximum CVSS 10.0 score with network-based attack vector, low complexity, and scope change, indicating attackers can leverage the SSRF to break out of Databricks' security boundary and access underlying cloud infrastructure or customer data. No public exploit or active exploitation confirmed at time of analysis, though the low attack complexity suggests straightforward exploitation once attack surface is identified.
Technical ContextAI
Server-side request forgery (CWE-918) vulnerabilities occur when an application accepts user-supplied URLs or hostnames and fetches remote resources without proper validation, allowing attackers to make the server send crafted requests to arbitrary destinations. In cloud platforms like Azure Databricks-a managed Apache Spark analytics service-SSRF can be particularly severe because the service runs with elevated cloud IAM permissions and access to internal metadata services (e.g., Azure Instance Metadata Service at 169.254.169.254). Attackers can abuse SSRF to retrieve cloud credentials, access internal APIs, pivot to backend databases, or interact with co-tenant resources. The scope change (S:C) in the CVSS vector indicates the vulnerable component affects resources beyond its own authorization scope, consistent with breaking out of the Databricks workspace boundary to access underlying Azure infrastructure or other customer environments.
RemediationAI
Organizations should immediately review the Microsoft Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33107 for vendor-specific remediation guidance and patch availability. As Azure Databricks is a managed service, Microsoft typically deploys security updates automatically to the platform infrastructure without requiring customer action, but customers should verify their workspaces have received updates through Azure Service Health notifications or direct confirmation with Microsoft support. Until confirmed patched, implement defense-in-depth controls including restricting network access to Databricks workspaces through Azure Private Link or VNet injection, enforcing identity-based access controls with Azure Active Directory conditional access policies, enabling diagnostic logging to detect anomalous outbound requests, and reviewing workspace configurations to minimize blast radius if credential theft occurs. Organizations should audit recent Databricks access logs for suspicious patterns including unexpected outbound network connections, metadata service queries, or privilege escalation attempts that may indicate prior exploitation.
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-18564
GHSA-xrc8-933j-f74c