CVE-2023-42780

Apache Airflow, versions prior to 2.7.2, contains a security vulnerability that allows authenticated users of Airflow to list warnings for all DAGs, even if the user had no permission to see those DAGs. It would reveal the dag_ids and the stack-traces of import errors for those DAGs with import errors. Users of Apache Airflow are advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/apache/airflow/pull/34355	Patch
https://lists.apache.org/thread/h5tvsvov8j55wojt5sojdprs05oby34d	Mailing List Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*

History

18 Oct 2023, 18:47

Type	Values Removed	Values Added
First Time		Apache Apache airflow
References	~~(MISC) https://lists.apache.org/thread/h5tvsvov8j55wojt5sojdprs05oby34d -~~	(MISC) https://lists.apache.org/thread/h5tvsvov8j55wojt5sojdprs05oby34d - Mailing List, Vendor Advisory
References	~~(MISC) https://github.com/apache/airflow/pull/34355 -~~	(MISC) https://github.com/apache/airflow/pull/34355 - Patch
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5
CPE		cpe:2.3:a:apache:airflow::::::::

14 Oct 2023, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-10-14 10:15

Updated : 2023-12-10 15:14

NVD link : CVE-2023-42780

Mitre link : CVE-2023-42780

CVE.ORG link : CVE-2023-42780

JSON object : View

Products Affected

apache

airflow

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2023-42780", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2023-10-14T10:15:10.303", "references": [{"url": "https://github.com/apache/airflow/pull/34355", "tags": ["Patch"], "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread/h5tvsvov8j55wojt5sojdprs05oby34d", "tags": ["Mailing List", "Vendor Advisory"], "source": "security@apache.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security@apache.org", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Apache Airflow, versions prior to 2.7.2, contains a security vulnerability that allows authenticated users of Airflow to list warnings for all DAGs, even if the user had no permission to see those DAGs. It would reveal the dag_ids and the stack-traces of import errors for those DAGs with import errors.\nUsers of Apache Airflow are advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability.\n\n"}, {"lang": "es", "value": "Apache Airflow, versiones anteriores a la 2.7.2, contiene una vulnerabilidad de seguridad que permite a los usuarios autenticados de Airflow enumerar advertencias para todos los DAG, incluso si el usuario no ten\u00eda permiso para ver esos DAG. Revelar\u00eda los dag_ids y los seguimientos de la pila de memoria de errores de importaci\u00f3n para aquellos DAG con errores de importaci\u00f3n. Se recomienda a los usuarios de Apache Airflow que actualicen a la versi\u00f3n 2.7.2 o posterior para mitigar el riesgo asociado con esta vulnerabilidad."}], "lastModified": "2023-10-18T18:47:43.430", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63233E2B-0359-41A5-A4BA-218F2CC2F778", "versionEndExcluding": "2.7.2"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}