Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider.
Airflow JDBC Provider Connection’s [Connection URL] parameters had no
restrictions, which made it possible to implement RCE attacks via
different type JDBC drivers, obtain airflow server permission.
This issue affects Apache Airflow JDBC Provider: before 4.0.0.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2023-06-29T09:41:00.074Z
Updated: 2024-08-02T10:20:31.306Z
Reserved: 2023-01-09T19:24:49.530Z
Link: CVE-2023-22886
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-06-29T10:15:09.650
Modified: 2023-07-06T19:32:59.063
Link: CVE-2023-22886
Redhat
No data.