Apache Kyuubi: Unauthorized directory access due to missing path normalization
Description
Any client who can access Apache Kyuubi Server via Kyuubi frontend protocols can bypass the server-side config kyuubi.session.local.dir.allow.list and use local files which are not listed in the config.
This issue affects Apache Kyuubi: from 1.6.0 through 1.10.2.
Users are recommended to upgrade to version 1.10.3 or later, which fixes the issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Attackers bypassing the `kyuubi.session.local.dir.allow.list` config in Apache Kyuubi can access unauthorized local files on the server.
Vulnerability
Overview
CVE-2025-66518 affects Apache Kyuubi versions 1.6.0 through 1.10.2. The vulnerability allows any client that can connect to the Kyuubi Server via its frontend protocols (such as Thrift JDBC/ODBC) to bypass the server-side configuration kyuubi.session.local.dir.allow.list. This configuration is intended to restrict which local directories or files on the server can be accessed by the Kyuubi session. The root cause is a missing path normalization step in the session handling code, which permits path traversal or direct reference to paths not in the allow list [1][3].
Attack
Vector and Requirements
An attacker must have network access to the Kyuubi Server and be able to authenticate or use any of the supported Kyuubi frontend protocols—no special privileges beyond a valid session connection are required [1]. The exploit leverages the absence of path normalization, meaning an attacker can supply a path that differs from the canonical form but still resolves to a forbidden directory or file. For example, using symbolic links, redundant path components (e.g., ../), or alternate encodings may bypass the simple allow‑list check [3].
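The overview and the paragraph above describe the root cause as an allow-list check that never canonicalizes the requested path. The following added example (not Kyuubi's own code, which is Scala, and not the actual fix shipped in 1.10.3) contrasts a prefix-string check with a normalizing check: it builds a throwaway directory layout, a hypothetical allow list, a file outside the allowed directory and a symlink inside it that points outside, then shows what each check decides. All directory and file names and the helper functions are constructed for the illustration.

```python
import shutil
import tempfile
from pathlib import Path
from typing import Dict, Iterable, Tuple


def naive_is_allowed(requested: str, allow_list: Iterable[str]) -> bool:
    """Fragile check: compare the raw request string against each allowed prefix.

    A request such as '<allowed>/../secret' or '<allowed>/link' (where link is a
    symlink pointing elsewhere) starts with the allowed prefix yet resolves to a
    file outside it, so this check lets it through.
    """
    return any(requested.startswith(prefix.rstrip("/") + "/") for prefix in allow_list)


def normalized_is_allowed(requested: str, allow_list: Iterable[str]) -> bool:
    """Hardened check: canonicalize both sides first, then compare.

    Path.resolve() collapses '.' and '..', removes duplicate separators and follows
    symlinks, so the comparison is made on the location the OS would actually open.
    relative_to() raises ValueError when the target lies outside the base directory,
    and it compares whole path components, so '/data/allowed2/x' is rejected for
    base '/data/allowed' even though it shares a character prefix.
    """
    target = Path(requested).resolve(strict=False)
    for prefix in allow_list:
        base = Path(prefix).resolve(strict=False)
        try:
            target.relative_to(base)
            return True
        except ValueError:
            continue
    return False


def demo() -> Dict[str, Tuple[bool, bool]]:
    """Build a throwaway layout (constructed for this example) and report, for
    three requests, what the naive and the normalized check each decide.

    Layout:
        <tmp>/allowed/          the only entry on the hypothetical allow list
        <tmp>/secret.txt        a file outside the allowed directory
        <tmp>/allowed/link  ->  <tmp>/secret.txt   (symlink)
    """
    root = Path(tempfile.mkdtemp(prefix="kyuubi-allowlist-demo-"))
    try:
        allowed = root / "allowed"
        allowed.mkdir()
        secret = root / "secret.txt"
        secret.write_text("outside the allow list\n")
        link = allowed / "link"
        link.symlink_to(secret)

        allow_list = [str(allowed)]  # hypothetical kyuubi.session.local.dir.allow.list value
        requests = {
            "plain": str(allowed / "data.csv"),       # genuinely inside the allowed directory
            "traversal": f"{allowed}/../secret.txt",  # '..' steps back out of it
            "symlink": str(link),                     # symlink inside it points outside
        }
        return {
            name: (naive_is_allowed(p, allow_list), normalized_is_allowed(p, allow_list))
            for name, p in requests.items()
        }
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    for name, (naive, normalized) in demo().items():
        print(f"{name:10s} naive={naive!s:5s} normalized={normalized}")
```

The naive check accepts all three requests; the normalizing check accepts only the plain one and rejects both the `..` traversal and the symlink, which is the behaviour a server-side allow list needs. Note that resolution must happen on the server against its own filesystem; canonicalizing on the client side proves nothing.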
Impact
Successful exploitation enables an attacker to read, write, or execute arbitrary local files on the Kyuubi server that are not listed in the kyuubi.session.local.dir.allow.list. This could include sensitive configuration files, credentials, or other data stored in the server's filesystem. The impact is amplified in multi‑tenant deployments where the Kyuubi server manages sessions for many users, as a single client could compromise the confidentiality and integrity of the entire server [1][3].
Mitigation
The vulnerability is fixed in Apache Kyuubi version 1.10.3. Users running versions 1.6.0 through 1.10.2 should upgrade immediately to prevent unauthorized file access [1][3]. There are no reported workarounds; upgrading is the only recommended action.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| org.apache.kyuubi:kyuubi-server_2.12 (Maven) | >= 1.6.0, < 1.10.3 | 1.10.3 |
Affected products (2)
Patches (0)
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References (4)
- github.com/advisories/GHSA-f8r6-6222-9pvc (GHSA advisory)
- lists.apache.org/thread/xp460bwbyzdhho34ljd4nchyt2fmhodl (vendor advisory)
- nvd.nist.gov/vuln/detail/CVE-2025-66518 (advisory)
- www.openwall.com/lists/oss-security/2026/01/05/1 (web)
News mentions (0)
No linked articles in our index yet.