Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via ‘sqoop import --connect’, obtain airflow server permissions, etc. The attacker needs to be logged in and have authorization (permissions) to create/edit connections.

It is recommended to upgrade to a version that is not affected.
This issue was reported independently by happyhacking-k, And Xie Jianming and LiuHui of Caiji Sec Team also reported it.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 27 Sep 2024 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2024-09-27T18:46:43.906Z

Reserved: 2023-03-04T16:47:10.813Z

Link: CVE-2023-27604

cve-icon Vulnrichment

Updated: 2024-08-02T12:16:36.683Z

cve-icon NVD

Status : Modified

Published: 2023-08-28T08:15:14.697

Modified: 2024-11-21T07:53:14.847

Link: CVE-2023-27604

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.