{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-35797", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2023-06-17T19:36:58.422Z", "datePublished": "2023-07-03T09:08:53.795Z", "dateUpdated": "2024-08-02T16:30:45.329Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache Airflow Apache Hive Provider", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "6.1.1", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "id_No2015429 of 3H Secruity Team"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider.<br><p>This issue affects Apache Airflow Apache Hive Provider: before 6.1.1.<br><br><span style=\"background-color: rgb(255, 255, 255);\">Before version 6.1.1 it was&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">possible to bypass the security check to RCE via</span><br><span style=\"background-color: rgb(255, 255, 255);\">principal parameter. For this to be&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">exploited it requires access to modifying the connection details.</span><br></span><br>It is recommended updating provider version to 6.1.1 in order to avoid this&nbsp;vulnerability.</p>"}], "value": "Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider.\nThis issue affects Apache Airflow Apache Hive Provider: before 6.1.1.\n\nBefore version 6.1.1 it was\u00a0possible to bypass the security check to RCE via\nprincipal parameter. For this to be\u00a0exploited it requires access to modifying the connection details.\n\nIt is recommended updating provider version to 6.1.1 in order to avoid this\u00a0vulnerability.\n\n"}], "metrics": [{"other": {"content": {"text": "moderate"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-07-03T09:08:53.795Z"}, "references": [{"tags": ["patch"], "url": "https://github.com/apache/airflow/pull/31983"}, {"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/30y19ok07fw52x5hnkbhwqo3ho0wwc1y"}, {"url": "http://www.openwall.com/lists/oss-security/2023/07/12/3"}], "source": {"discovery": "UNKNOWN"}, "title": "Apache Airflow Hive Provider Beeline RCE with Principal", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:30:45.329Z"}, "title": "CVE Program Container", "references": [{"tags": ["patch", "x_transferred"], "url": "https://github.com/apache/airflow/pull/31983"}, {"tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.apache.org/thread/30y19ok07fw52x5hnkbhwqo3ho0wwc1y"}, {"url": "http://www.openwall.com/lists/oss-security/2023/07/12/3", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:apache-airflow-providers-apache-hive:*:*:*:*:*:*:*:*", "matchCriteriaId": "D25DD5BE-419A-40B4-8E58-4727FE0456F9", "versionEndExcluding": "6.1.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider.\nThis issue affects Apache Airflow Apache Hive Provider: before 6.1.1.\n\nBefore version 6.1.1 it was\u00a0possible to bypass the security check to RCE via\nprincipal parameter. For this to be\u00a0exploited it requires access to modifying the connection details.\n\nIt is recommended updating provider version to 6.1.1 in order to avoid this\u00a0vulnerability.\n\n"}], "id": "CVE-2023-35797", "lastModified": "2023-07-13T23:15:10.603", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-07-03T10:15:09.473", "references": [{"source": "security@apache.org", "url": "http://www.openwall.com/lists/oss-security/2023/07/12/3"}, {"source": "security@apache.org", "tags": ["Patch"], "url": "https://github.com/apache/airflow/pull/31983"}, {"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/30y19ok07fw52x5hnkbhwqo3ho0wwc1y"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "security@apache.org", "type": "Primary"}]}

{}