Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-35797
HistoryJul 03, 2023 - 10:15 a.m.

Input validation

2023-07-0310:15:00
PRIOn knowledge base
www.prio-n.com
4
apache airflow
hive provider
input validation
vulnerability
apache software foundation
security
rce

AI Score

9.2

Confidence

High

EPSS

0.003

Percentile

69.2%

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider.
This issue affects Apache Airflow Apache Hive Provider: before 6.1.1.

Before version 6.1.1 it was possible to bypass the security check to RCE via
principal parameter. For this to be exploited it requires access to modifying the connection details.

It is recommended updating provider version to 6.1.1 in order to avoid this vulnerability.

AI Score

9.2

Confidence

High

EPSS

0.003

Percentile

69.2%

Related for PRION:CVE-2023-35797