CyberSec.Space Logo
返回 CVE 浏览器

CVE-2020-11982

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0850%
EPSS Percentile16.93th
Published2020年7月17日
Last Modified2024年11月21日

Vulnerability Description

An issue was found in Apache Airflow versions 1.10.10 and below. When using CeleryExecutor, if an attack can connect to the broker (Redis, RabbitMQ) directly, it was possible to insert a malicious payload directly to the broker which could lead to a deserialization attack (and thus remote code execution) on the Worker.

Affected Platforms (CPE)

📦
Apache

Airflow

<= 1.10.10

References & Advisories

🔗 https://lists.apache.org/thread.html/r7255cf0be3566f23a768e2a04b40fb09e52fcd1872695428ba9afe91%40%3Cusers.airflow.apache.org%3E
🔗 https://lists.apache.org/thread.html/r7255cf0be3566f23a768e2a04b40fb09e52fcd1872695428ba9afe91%40%3Cusers.airflow.apache.org%3E

相关漏洞威胁

CVE-2020-139279.8

The previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but this poses s...

CVE-2021-385409.8

The variable import endpoint was not protected by authentication in Airflow >=2.0.0, <2.1.3. This allowed unauthenticated users to...

CVE-2020-119819.8

An issue was found in Apache Airflow versions 1.10.10 and below. When using CeleryExecutor, if an attacker can connect to the brok...

CVE-2017-178369.8

In Apache Airflow 1.8.2 and earlier, an experimental Airflow feature displayed authenticated cookies, as well as passwords to data...