Risk | High |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2022-38170 CVE-2022-38054 |
CWE-ID | CWE-362 CWE-384 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software |
Apache Airflow Web applications / Modules and components for CMS |
Vendor | Apache Foundation |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU67552
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-38170
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to an insecure umask that was configured for numerous Airflow components when running with the `--daemon` flag. A local user can exploit the race condition to allow local users to expose arbitrary file contents via the web server.
MitigationInstall updates from vendor's website.
Vulnerable software versionsApache Airflow: 0.1 - 2.3.3
CPE2.3http://lists.apache.org/thread/zn8mbbb1j2od5nc9zhrvb7rpsrg1vvzv
http://www.openwall.com/lists/oss-security/2022/09/02/3
http://www.openwall.com/lists/oss-security/2022/09/02/12
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU67551
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-38054
CWE-ID:
CWE-384 - Session Fixation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected application.
The vulnerability exists due to incorrect processing of authentication sessions in the `database` webserver session backend. A remote attacker can perform session fixation attacks and compromise the web application.
Install updates from vendor's website.
Vulnerable software versionsApache Airflow: 2.3.0 - 2.3.3
CPE2.3http://lists.apache.org/thread/rsd3h89xdp16rg0ltovx3m7q3ypkxsbb
http://www.openwall.com/lists/oss-security/2022/09/02/1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.