CVE-2023-45348 - OpenCVE

Apache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the "expose_config" option is set to "non-sensitive-only". The `expose_config` option is False by default. It is recommended to upgrade to a version that is not affected.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apache	Airflow

Configuration 1 [-]

cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2023/10/23/2
https://github.com/apache/airflow/pull/34712
https://lists.apache.org/thread/sy4l5d6tn58hr8r61r2fkt1f0qock9z9

History

No history.

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2023-10-14T09:46:44.563Z

Updated: 2024-09-17T15:27:12.016Z

Reserved: 2023-10-08T19:34:31.046Z

Link: CVE-2023-45348

Vulnrichment

Updated: 2024-08-02T20:21:16.332Z

NVD

Status : Analyzed

Published: 2023-10-14T10:15:10.473

Modified: 2023-11-16T02:22:46.000

Link: CVE-2023-45348

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-45348", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2023-10-08T19:34:31.046Z", "datePublished": "2023-10-14T09:46:44.563Z", "dateUpdated": "2024-09-17T15:27:12.016Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://pypi.python.org/", "defaultStatus": "unaffected", "packageName": "apache-airflow", "product": "Apache Airflow", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "2.7.2", "status": "affected", "version": "2.7.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "L3yx of Syclover Security Team"}, {"lang": "en", "type": "remediation developer", "value": "Hussein Awala"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nApache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the \"expose_config\" option is set to \"non-sensitive-only\". The `expose_config` option is False by default.<br>It is recommended to upgrade to a version that is not affected."}], "value": "\nApache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the \"expose_config\" option is set to \"non-sensitive-only\". The `expose_config` option is False by default.\nIt is recommended to upgrade to a version that is not affected."}], "metrics": [{"other": {"content": {"text": "important"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-10-14T09:46:44.563Z"}, "references": [{"tags": ["patch"], "url": "https://github.com/apache/airflow/pull/34712"}, {"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/sy4l5d6tn58hr8r61r2fkt1f0qock9z9"}, {"url": "http://www.openwall.com/lists/oss-security/2023/10/23/2"}], "source": {"discovery": "UNKNOWN"}, "title": "Apache Airflow: Configuration information leakage vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:21:16.332Z"}, "title": "CVE Program Container", "references": [{"tags": ["patch", "x_transferred"], "url": "https://github.com/apache/airflow/pull/34712"}, {"tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.apache.org/thread/sy4l5d6tn58hr8r61r2fkt1f0qock9z9"}, {"url": "http://www.openwall.com/lists/oss-security/2023/10/23/2", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-17T15:27:01.828747Z", "id": "CVE-2023-45348", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-17T15:27:12.016Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/apache/airflow/pull/34712", "tags": ["patch", "x_transferred"]}, {"url": "https://lists.apache.org/thread/sy4l5d6tn58hr8r61r2fkt1f0qock9z9", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/10/23/2", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:21:16.332Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-45348", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-17T15:27:01.828747Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-17T15:27:08.278Z"}}], "cna": {"title": "Apache Airflow: Configuration information leakage vulnerability", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "L3yx of Syclover Security Team"}, {"lang": "en", "type": "remediation developer", "value": "Hussein Awala"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "important"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache Airflow", "versions": [{"status": "affected", "version": "2.7.0", "lessThan": "2.7.2", "versionType": "semver"}], "packageName": "apache-airflow", "collectionURL": "https://pypi.python.org/", "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/apache/airflow/pull/34712", "tags": ["patch"]}, {"url": "https://lists.apache.org/thread/sy4l5d6tn58hr8r61r2fkt1f0qock9z9", "tags": ["vendor-advisory"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/10/23/2"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\nApache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the \"expose_config\" option is set to \"non-sensitive-only\". The `expose_config` option is False by default.\nIt is recommended to upgrade to a version that is not affected.", "supportingMedia": [{"type": "text/html", "value": "\n\nApache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the \"expose_config\" option is set to \"non-sensitive-only\". The `expose_config` option is False by default.<br>It is recommended to upgrade to a version that is not affected.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-10-14T09:46:44.563Z"}}}, "cveMetadata": {"cveId": "CVE-2023-45348", "state": "PUBLISHED", "dateUpdated": "2024-09-17T15:27:12.016Z", "dateReserved": "2023-10-08T19:34:31.046Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2023-10-14T09:46:44.563Z", "assignerShortName": "apache"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A172F92-ABFA-4488-9EBD-694F915720B2", "versionEndExcluding": "2.7.2", "versionStartIncluding": "2.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\nApache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the \"expose_config\" option is set to \"non-sensitive-only\". The `expose_config` option is False by default.\nIt is recommended to upgrade to a version that is not affected."}, {"lang": "es", "value": "Apache Airflow, versiones 2.7.0 y 2.7.1, se ve afectada por una vulnerabilidad que permite a un usuario autenticado recuperar informaci\u00f3n de configuraci\u00f3n confidencial cuando la opci\u00f3n \"expose_config\" est\u00e1 configurada en \"non-sensitive-only\". La opci\u00f3n `expose_config` es \"Falso\" de forma predeterminada. Se recomienda actualizar a una versi\u00f3n que no se vea afectada."}], "id": "CVE-2023-45348", "lastModified": "2023-11-16T02:22:46.000", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-14T10:15:10.473", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/10/23/2"}, {"source": "security@apache.org", "tags": ["Patch"], "url": "https://github.com/apache/airflow/pull/34712"}, {"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/sy4l5d6tn58hr8r61r2fkt1f0qock9z9"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "security@apache.org", "type": "Secondary"}]}