OpenCVE

Airbyte is a data integration platform for ELT pipelines. Airbyte connection builder docker image is vulnerable to RCE via SSTI which allows an authenticated remote attacker to execute arbitrary code on the server as the web server user. The connection builder is used to create and test new connectors. Sensitive information, such as credentials, could be exposed if a user tested a new connector on a compromised instance. The connection builder does not have access to any data processes. This vulnerability is fixed in 0.62.2.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Airbyte	Airbytehq

No data.

No data.

References

Link	Providers
https://github.com/airbytehq/airbyte/security/advisories/GHSA-4j3c-fgvx-xgqq

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-07-09T14:10:47.792Z

Updated: 2024-08-02T04:04:25.126Z

Reserved: 2024-06-14T14:16:16.465Z

Link: CVE-2024-38363

Vulnrichment

Updated: 2024-07-09T14:32:15.394Z

NVD

Status : Awaiting Analysis

Published: 2024-07-09T15:15:11.043

Modified: 2024-11-21T09:25:27.513

Link: CVE-2024-38363

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-38363", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-14T14:16:16.465Z", "datePublished": "2024-07-09T14:10:47.792Z", "dateUpdated": "2024-08-02T04:04:25.126Z"}, "containers": {"cna": {"title": "Remote Code Execution (RCE) via Server Side Template Injection (SSTI) in Airbyte", "problemTypes": [{"descriptions": [{"cweId": "CWE-1336", "lang": "en", "description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/airbytehq/airbyte/security/advisories/GHSA-4j3c-fgvx-xgqq", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/airbytehq/airbyte/security/advisories/GHSA-4j3c-fgvx-xgqq"}], "affected": [{"vendor": "airbytehq", "product": "airbyte", "versions": [{"version": "< 0.62.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-09T14:10:47.792Z"}, "descriptions": [{"lang": "en", "value": "Airbyte is a data integration platform for ELT pipelines. Airbyte connection builder docker image is vulnerable to RCE via SSTI which allows an authenticated remote attacker to execute arbitrary code on the server as the web server user. The connection builder is used to create and test new connectors. Sensitive information, such as credentials, could be exposed if a user tested a new connector on a compromised instance. The connection builder does not have access to any data processes. This vulnerability is fixed in 0.62.2."}], "source": {"advisory": "GHSA-4j3c-fgvx-xgqq", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "airbyte", "product": "airbytehq", "cpes": ["cpe:2.3:a:airbyte:airbytehq:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "0.62.2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-09T14:29:59.326680Z", "id": "CVE-2024-38363", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-09T14:32:40.156Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:04:25.126Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/airbytehq/airbyte/security/advisories/GHSA-4j3c-fgvx-xgqq", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/airbytehq/airbyte/security/advisories/GHSA-4j3c-fgvx-xgqq"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-38363", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-09T14:29:59.326680Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:airbyte:airbytehq:*:*:*:*:*:*:*:*"], "vendor": "airbyte", "product": "airbytehq", "versions": [{"status": "affected", "version": "0", "lessThan": "0.62.2", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-09T14:32:15.394Z"}}], "cna": {"title": "Remote Code Execution (RCE) via Server Side Template Injection (SSTI) in Airbyte", "source": {"advisory": "GHSA-4j3c-fgvx-xgqq", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "airbytehq", "product": "airbyte", "versions": [{"status": "affected", "version": "< 0.62.2"}]}], "references": [{"url": "https://github.com/airbytehq/airbyte/security/advisories/GHSA-4j3c-fgvx-xgqq", "name": "https://github.com/airbytehq/airbyte/security/advisories/GHSA-4j3c-fgvx-xgqq", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Airbyte is a data integration platform for ELT pipelines. Airbyte connection builder docker image is vulnerable to RCE via SSTI which allows an authenticated remote attacker to execute arbitrary code on the server as the web server user. The connection builder is used to create and test new connectors. Sensitive information, such as credentials, could be exposed if a user tested a new connector on a compromised instance. The connection builder does not have access to any data processes. This vulnerability is fixed in 0.62.2."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1336", "description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-09T14:10:47.792Z"}}}, "cveMetadata": {"cveId": "CVE-2024-38363", "state": "PUBLISHED", "dateUpdated": "2024-07-09T14:32:40.156Z", "dateReserved": "2024-06-14T14:16:16.465Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-07-09T14:10:47.792Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Airbyte is a data integration platform for ELT pipelines. Airbyte connection builder docker image is vulnerable to RCE via SSTI which allows an authenticated remote attacker to execute arbitrary code on the server as the web server user. The connection builder is used to create and test new connectors. Sensitive information, such as credentials, could be exposed if a user tested a new connector on a compromised instance. The connection builder does not have access to any data processes. This vulnerability is fixed in 0.62.2."}, {"lang": "es", "value": "Airbyte es una plataforma de integraci\u00f3n de datos para tuber\u00edas ELT. La imagen acoplable del generador de conexiones Airbyte es vulnerable a RCE a trav\u00e9s de SSTI, lo que permite a un atacante remoto autenticado ejecutar c\u00f3digo arbitrario en el servidor como usuario del servidor web. El generador de conexiones se utiliza para crear y probar nuevos conectores. La informaci\u00f3n confidencial, como las credenciales, podr\u00eda quedar expuesta si un usuario probara un nuevo conector en una instancia comprometida. El creador de conexiones no tiene acceso a ning\u00fan proceso de datos. Esta vulnerabilidad se solucion\u00f3 en 0.62.2."}], "id": "CVE-2024-38363", "lastModified": "2024-11-21T09:25:27.513", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-07-09T15:15:11.043", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/airbytehq/airbyte/security/advisories/GHSA-4j3c-fgvx-xgqq"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/airbytehq/airbyte/security/advisories/GHSA-4j3c-fgvx-xgqq"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1336"}], "source": "security-advisories@github.com", "type": "Secondary"}]}