
CVE-2025-60012: CWE-20 Improper Input Validation in Apache Software Foundation Apache Livy

Severity: Unknown (no CVSS score assigned)
Tags: Vulnerability, CVE-2025-60012, cve, cwe-20
Published: Fri Mar 13 2026 (03/13/2026, 15:23:07 UTC)
Source: CVE Database V5
Vendor/Project: Apache Software Foundation
Product: Apache Livy

Description

Malicious configuration can lead to unauthorized file access in Apache Livy. This issue affects Apache Livy 0.7.0 and 0.8.0 when connecting to Apache Spark 3.1 or later. A request that includes a Spark configuration value supported from Apache Spark version 3.1 can lead to users gaining access to files they do not have permissions to. For the vulnerability to be exploitable, the user needs to have access to Apache Livy's REST or JDBC interface and be able to send requests with arbitrary Spark configuration values. Users are recommended to upgrade to version 0.9.0 or later, which fixes the issue.

AI-Powered Analysis

Last updated: 03/13/2026, 15:44:50 UTC

Technical Analysis

CVE-2025-60012 is an improper input validation flaw (CWE-20) in Apache Livy 0.7.0 and 0.8.0 when the Livy server submits work to Apache Spark 3.1 or later. Livy exposes REST and JDBC interfaces through which clients create sessions and batches, and both let the caller attach arbitrary Spark configuration key/value pairs to the request. The advisory states that a request carrying a configuration value that Spark supports from version 3.1 onward lets the caller reach files they are not permitted to read; it does not name the parameter, so the mechanism described here is inferred from that statement. The behaviour is consistent with Livy's handling of caller-supplied Spark configuration predating that option and therefore not screening it, which would explain why the issue only manifests against Spark 3.1 or newer. Exploitation requires an account that can reach the REST or JDBC interface and submit requests with arbitrary Spark configuration values, so exposure is bounded by who can talk to Livy; within that boundary it is a confidentiality break, because any job submitter can read files that the Livy or Spark process can reach but the submitting user cannot. Whether those files sit on the Livy host or elsewhere in the cluster depends on where the configured path is resolved, which the advisory does not specify. Apache Livy 0.9.0 fixes the issue; the advisory does not describe the fix. No CVSS score has been assigned and no public exploit had been observed at the time of this write-up.

Potential Impact

The primary impact of CVE-2025-60012 is unauthorized disclosure of files readable by the Livy or Spark process but not by the requesting user: service configuration, keytabs or other credentials, and data belonging to other tenants are the obvious targets. Because exploitation requires access to Livy's REST or JDBC interface, the risk is highest where those interfaces are reachable from untrusted networks, where authentication is disabled (Livy ships with it off by default), or where many low-trust users are allowed to submit jobs. Credentials obtained this way can be reused for lateral movement or privilege escalation in the Hadoop or Kubernetes environment behind Livy. Only deployments that run Livy 0.7.0 or 0.8.0 against Spark 3.1 or later are affected, but that combination is common in current big-data stacks. The absence of a known public exploit lowers immediate risk without changing the priority: the flaw is reachable with ordinary job-submission access and the data at stake is sensitive.

Mitigation Recommendations

The fix is to upgrade Apache Livy to 0.9.0 or later. Until that is done, reduce who can reach the vulnerable interfaces and what a request is allowed to contain: restrict the REST and JDBC ports to trusted networks with segmentation and firewall rules; turn on Livy's own authentication (Kerberos/SPNEGO via livy.server.auth.type) and access control (livy.server.access-control.enabled with the allowed-, modify- and view-users lists in livy.conf) so only known principals can create sessions or batches; and enable impersonation (livy.impersonation.enabled) so submitted jobs run as the submitting user rather than as the Livy service account. Because the advisory does not name the offending Spark parameter, a generic WAF signature is of limited use; a more reliable control is an API gateway or reverse proxy in front of Livy that only forwards requests whose Spark configuration keys are on an allowlist derived from the jobs you actually run, and that logs every rejected key for review. Run the Livy server under a low-privilege account with the narrowest filesystem and cluster permissions it needs, so that even a successful bypass exposes little. Review user permissions and interface exposure periodically, and track Apache's security announcements so later fixes are applied promptly.
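The allowlist check described above, applied to the request bodies Livy accepts on POST /sessions and POST /batches, as an added example that is not Livy project code. It assumes the documented Livy REST body shape (a "conf" object of Spark key/value strings plus top-level fields such as "file", "jars", "files" and "archives" that also reference files). The allowlist contents, the approved URI prefixes and the sample requests are constructed for this example; a real allowlist is derived from your own workloads. The advisory does not name the vulnerable parameter, so the example rejects anything not explicitly permitted rather than trying to recognise a specific bad key. Such a check belongs in a gateway in front of Livy, or in the Livy server itself, never in the client.

```python
import json
import re
from typing import Iterable, List, Tuple

# Hypothetical allowlist for this example: the Spark settings a workload may set.
DEFAULT_ALLOWED_KEYS = frozenset({
    "spark.executor.memory",
    "spark.executor.cores",
    "spark.executor.instances",
    "spark.driver.memory",
    "spark.sql.shuffle.partitions",
    "spark.dynamicAllocation.enabled",
})

# Livy REST fields that carry file references (they become spark.jars, spark.files,
# and so on). They are checked as well, so a filter that only looked at "conf"
# could not be sidestepped by passing the same thing through a top-level field.
FILE_FIELDS = ("file", "jars", "pyFiles", "files", "archives")

# Example policy (an assumption of this example, not advice from the advisory):
# file references must sit under an approved remote prefix, never a bare local path.
DEFAULT_ALLOWED_URI_PREFIXES = ("hdfs://prod-nn/apps/", "s3a://company-jobs/")

# Spark keys are dotted identifiers; anything else is malformed and rejected.
KEY_PATTERN = re.compile(r"^spark\.[A-Za-z0-9_.\-]+$")


def check_livy_request(body: str,
                       allowed_keys: Iterable[str] = DEFAULT_ALLOWED_KEYS,
                       allowed_uri_prefixes: Iterable[str] = DEFAULT_ALLOWED_URI_PREFIXES,
                       ) -> Tuple[bool, List[str]]:
    """Return (accepted, reasons). An empty reasons list means the request passed."""
    allowed_keys = frozenset(allowed_keys)
    prefixes = tuple(allowed_uri_prefixes)
    reasons: List[str] = []

    try:
        req = json.loads(body)
    except json.JSONDecodeError as exc:
        return False, [f"invalid JSON: {exc.msg}"]
    if not isinstance(req, dict):
        return False, ["body is not a JSON object"]

    # Spark configuration: every key must be well formed and explicitly permitted.
    conf = req.get("conf") or {}
    if not isinstance(conf, dict):
        return False, ["conf is not a JSON object"]
    for key, value in conf.items():
        if not KEY_PATTERN.match(key):
            reasons.append(f"malformed conf key: {key!r}")
            continue
        if key not in allowed_keys:
            reasons.append(f"conf key not on allowlist: {key}")
        if not isinstance(value, str):
            reasons.append(f"conf value for {key} is not a string")

    # File references: approved prefix only, and no parent-directory segments that
    # would escape the approved prefix after normalisation.
    for field in FILE_FIELDS:
        refs = req.get(field) or []
        if isinstance(refs, str):
            refs = [refs]
        if not isinstance(refs, list):
            reasons.append(f"{field} is neither a string nor a list")
            continue
        for ref in refs:
            if not isinstance(ref, str):
                reasons.append(f"{field} entry is not a string: {ref!r}")
            elif ".." in ref.split("/"):
                reasons.append(f"{field} entry contains a parent-directory segment: {ref!r}")
            elif not ref.startswith(prefixes):
                reasons.append(f"{field} entry outside approved locations: {ref!r}")

    return (not reasons), reasons


# Constructed sample bodies in the shape Livy accepts (contents made up for this example).
SAMPLE_OK = json.dumps({
    "kind": "pyspark",
    "jars": ["hdfs://prod-nn/apps/etl/etl-udfs.jar"],
    "conf": {"spark.executor.memory": "4g", "spark.sql.shuffle.partitions": "400"},
})
SAMPLE_UNLISTED_KEY = json.dumps({
    "file": "hdfs://prod-nn/apps/etl/job.py",
    "conf": {"spark.executor.memory": "4g",
             "spark.example.unreviewed.setting": "/srv/livy/conf"},
})
SAMPLE_LOCAL_PATH = json.dumps({
    "kind": "spark",
    "files": ["/etc/livy/conf/livy.conf"],
})
SAMPLE_TRAVERSAL = json.dumps({
    "archives": ["hdfs://prod-nn/apps/../../user/admin/keytabs.tar"],
})

if __name__ == "__main__":
    for name, body in (("ok", SAMPLE_OK), ("unlisted key", SAMPLE_UNLISTED_KEY),
                       ("local path", SAMPLE_LOCAL_PATH), ("traversal", SAMPLE_TRAVERSAL)):
        accepted, why = check_livy_request(body)
        print(f"{name}: {'ACCEPT' if accepted else 'REJECT'} {why}")
```

The check is deliberately an allowlist rather than a denylist: a denylist would have to name the parameter the advisory withholds, and would silently stop covering new Spark options, which is the same failure mode that produced this CVE.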


Technical Details

Data Version: 5.2
Assigner Short Name: apache
Date Reserved: 2025-09-23T19:07:43.584Z
CVSS Version: null (no CVSS score assigned)
State: PUBLISHED

Threat ID: 69b42da82f860ef943f7d5fb

Added to database: 3/13/2026, 3:30:48 PM

Last enriched: 3/13/2026, 3:44:50 PM

Last updated: 3/13/2026, 5:56:59 PM

