A critical authorization bypass in Apache Iceberg enables attackers with table-setting privileges to perform unauthorized file operations on arbitrary storage locations.

This vulnerability is an authorization bypass where the system fails to perform required security checks when the write.metadata.path property is updated. An attacker with the ability to alter table settings can trick the system into writing metadata to unauthorized locations, leading to potential data corruption or exposure.

The exploitation of this flaw could lead to unauthorized access, corruption, or deletion of critical data stored within the managed storage environment. Given the CVSS score of 9.9, this vulnerability poses a severe risk to data integrity and confidentiality, potentially allowing attackers to gain control over storage prefixes beyond the scope of their intended permissions.

Immediate Action: Apply the latest security patches provided by Apache for Iceberg immediately to ensure proper validation logic is enforced during metadata path updates.

Proactive Monitoring: Review access logs for anomalous ALTER TABLE operations and monitor storage usage for unexpected metadata file placement.

Compensating Controls: Restrict permissions for modifying table settings to a highly limited set of trusted users and implement strict storage-layer access controls.

Public Exploit Available: No

This vulnerability represents a fundamental failure in authorization logic that can lead to widespread data exposure. Organizations using Apache Iceberg must prioritize applying vendor-supplied updates to ensure that metadata write operations are properly validated against authorized storage locations.