CVE-2026-33107

Microsoft · Azure Databricks

A Server-Side Request Forgery (SSRF) vulnerability in Azure Databricks allows unauthenticated attackers to elevate privileges and access internal network resources.

Executive summary

Azure Databricks is affected by a critical SSRF vulnerability that allows unauthenticated attackers to escalate privileges and gain unauthorized access to internal systems.

Vulnerability

This vulnerability involves a Server-Side Request Forgery (SSRF) flaw where the application can be coerced into making unauthorized requests. An unauthenticated attacker can leverage this to gain elevated privileges and interact with internal metadata services or other protected network resources.

Business impact

A successful SSRF attack against Databricks can lead to the exposure of sensitive cloud credentials and internal network mapping. With a CVSS score of 10.0, the risk extends to full privilege escalation: attackers could access, modify, or delete high-value data processed within Databricks clusters, with significant regulatory and operational consequences.

Remediation

Immediate Action: Update Azure Databricks to the latest version as specified in the Microsoft security advisory to remediate the SSRF vector.

Proactive Monitoring: Review outbound network logs from Databricks clusters for requests to internal IP addresses or metadata services (e.g., 169.254.169.254).

Compensating Controls: Implement egress filtering to restrict clusters from communicating with sensitive internal endpoints and use Azure Policy to enforce secure workspace configurations.
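A detection pass over cluster egress records, added here as an example that is not part of this advisory: it flags flows to the metadata address named above, plus other link-local and private destinations, so they can be reviewed. The key=value log format and the sample lines are constructed assumptions, not a real Databricks or Azure flow-log schema.

```python
import ipaddress
import re

# Azure Instance Metadata Service address named in the advisory.
IMDS_ADDRESS = ipaddress.ip_address("169.254.169.254")

# Constructed sample egress records (hypothetical key=value format,
# not real Databricks or Azure flow-log lines).
SAMPLE_LOG = """\
2026-03-02T10:14:01Z src=10.20.1.15 dst=20.42.73.10 dport=443 host=api.example.com
2026-03-02T10:14:07Z src=10.20.1.15 dst=169.254.169.254 dport=80 path=/metadata/identity/oauth2/token
2026-03-02T10:14:09Z src=10.20.1.15 dst=10.20.5.200 dport=8080 host=internal-admin
2026-03-02T10:14:12Z src=10.20.1.15 dst=127.0.0.1 dport=9000 host=localhost
"""

def parse_line(line):
    """Split '<timestamp> k=v k=v ...' into a dict; None if malformed."""
    parts = line.split(None, 1)
    if len(parts) != 2:
        return None
    record = dict(re.findall(r"(\w+)=(\S+)", parts[1]))
    record["ts"] = parts[0]
    return record

def classify_destination(dst):
    """Reason a destination warrants review, or None for ordinary egress."""
    try:
        ip = ipaddress.ip_address(dst)
    except ValueError:
        return "unparseable destination (review manually)"
    if ip == IMDS_ADDRESS:  # test before the broader link-local check
        return "instance metadata service"
    if ip.is_link_local:
        return "link-local address"
    if ip.is_private:  # covers RFC 1918, loopback and other reserved ranges
        return "private or reserved address"
    return None

def flag_internal_egress(log_text):
    """Return (timestamp, dst, reason) for each flow that should be reviewed."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or "dst" not in rec:
            continue
        reason = classify_destination(rec["dst"])
        if reason:
            findings.append((rec["ts"], rec["dst"], reason))
    return findings
```

Hits to the metadata address from a cluster that has no legitimate reason to call it are the ones to escalate first; private-range hits need correlation with the workspace's expected internal dependencies before being treated as suspicious.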

Exploitation status

Public Exploit Available: No

Analyst recommendation

The CVSS score of 10.0 demands immediate remediation. Administrators must ensure that their Databricks workspaces are updated and that network-level protections are in place to prevent SSRF-based credential theft. This is a critical security update that should be handled as an emergency change.