OpenCVE

Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server. It is recommended to upgrade to a version that is not affected.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Apache	Apache-airflow-providers-apache-drill Apache-airflow-providers-apache-spark

Configuration 1 [-]

cpe:2.3:a:apache:apache-airflow-providers-apache-spark:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2023/08/17/1
http://www.openwall.com/lists/oss-security/2023/08/18/1
https://lists.apache.org/thread/t03gktyzyor20rh06okd91jtqmw6k1l7

History

Tue, 01 Oct 2024 20:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apache apache-airflow-providers-apache-drill
CPEs		cpe:2.3:a:apache:apache-airflow-providers-apache-drill::::::::
Vendors & Products		Apache apache-airflow-providers-apache-drill
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2023-08-17T13:52:30.647Z

Updated: 2024-10-01T19:40:56.801Z

Reserved: 2023-08-12T06:29:53.016Z

Link: CVE-2023-40272

Vulnrichment

Updated: 2024-08-02T18:31:52.381Z

NVD

Status : Modified

Published: 2023-08-17T14:15:10.083

Modified: 2024-11-21T08:19:05.833

Link: CVE-2023-40272

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-40272", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2023-08-12T06:29:53.016Z", "datePublished": "2023-08-17T13:52:30.647Z", "dateUpdated": "2024-10-01T19:40:56.801Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache Airflow Spark Provider", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "4.1.3", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "sw0rd1ight"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server.<br>It is recommended to upgrade to a version that is not affected.</p><p></p>"}], "value": "Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server.\nIt is recommended to upgrade to a version that is not affected.\n\n"}], "metrics": [{"other": {"content": {"text": "moderate"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-08-17T13:52:30.647Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/t03gktyzyor20rh06okd91jtqmw6k1l7"}, {"url": "http://www.openwall.com/lists/oss-security/2023/08/17/1"}, {"url": "http://www.openwall.com/lists/oss-security/2023/08/18/1"}], "source": {"discovery": "UNKNOWN"}, "title": "Apache Airflow Spark Provider Arbitrary File Read via JDBC", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:31:52.381Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.apache.org/thread/t03gktyzyor20rh06okd91jtqmw6k1l7"}, {"url": "http://www.openwall.com/lists/oss-security/2023/08/17/1", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/08/18/1", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "apache", "product": "apache-airflow-providers-apache-drill", "cpes": ["cpe:2.3:a:apache:apache-airflow-providers-apache-drill:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "4.1.3", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-10-01T19:37:59.126113Z", "id": "CVE-2023-40272", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-01T19:40:56.801Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://lists.apache.org/thread/t03gktyzyor20rh06okd91jtqmw6k1l7", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/08/17/1", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/08/18/1", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:31:52.381Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-40272", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-01T19:37:59.126113Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:apache:apache-airflow-providers-apache-drill:*:*:*:*:*:*:*:*"], "vendor": "apache", "product": "apache-airflow-providers-apache-drill", "versions": [{"status": "affected", "version": "0", "lessThan": "4.1.3", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-01T19:40:04.501Z"}}], "cna": {"title": "Apache Airflow Spark Provider Arbitrary File Read via JDBC", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "sw0rd1ight"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "moderate"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache Airflow Spark Provider", "versions": [{"status": "affected", "version": "0", "lessThan": "4.1.3", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://lists.apache.org/thread/t03gktyzyor20rh06okd91jtqmw6k1l7", "tags": ["vendor-advisory"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/08/17/1"}, {"url": "http://www.openwall.com/lists/oss-security/2023/08/18/1"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server.\nIt is recommended to upgrade to a version that is not affected.\n\n", "supportingMedia": [{"type": "text/html", "value": "<p>Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server.<br>It is recommended to upgrade to a version that is not affected.</p><p></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-08-17T13:52:30.647Z"}}}, "cveMetadata": {"cveId": "CVE-2023-40272", "state": "PUBLISHED", "dateUpdated": "2024-10-01T19:40:56.801Z", "dateReserved": "2023-08-12T06:29:53.016Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2023-08-17T13:52:30.647Z", "assignerShortName": "apache"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:apache-airflow-providers-apache-spark:*:*:*:*:*:*:*:*", "matchCriteriaId": "13F1721D-6AC7-48AD-B817-C00465C548D1", "versionEndExcluding": "4.1.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server.\nIt is recommended to upgrade to a version that is not affected.\n\n"}], "id": "CVE-2023-40272", "lastModified": "2024-11-21T08:19:05.833", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-08-17T14:15:10.083", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/08/17/1"}, {"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/08/18/1"}, {"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/t03gktyzyor20rh06okd91jtqmw6k1l7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/08/17/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/08/18/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/t03gktyzyor20rh06okd91jtqmw6k1l7"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "security@apache.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}