Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2024-01015
HistoryDec 25, 2023 - 12:00 a.m.

Apache Airflow Security Bypass Vulnerability (CNVD-2024-0101523)

2023-12-2500:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
apache airflow
security vulnerability
data modifications
authenticated attacker
unauthorized access

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

31.8%

Apache Airflow is the United States Apache (Apache) Foundation’s set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A security bypass vulnerability exists in Apache Airflow versions prior to 2.8.0, which can be exploited by an authenticated attacker to update variables without variable editing privileges, resulting in unauthorized data modifications.

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

31.8%