Vulnerability Details : CVE-2020-11982
An issue was found in Apache Airflow versions 1.10.10 and below. When using CeleryExecutor, if an attack can connect to the broker (Redis, RabbitMQ) directly, it was possible to insert a malicious payload directly to the broker which could lead to a deserialization attack (and thus remote code execution) on the Worker.
Vulnerability category: Execute code
Products affected by CVE-2020-11982
- cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-11982
15.58%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 94 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-11982
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2020-11982
-
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-11982
-
https://lists.apache.org/thread.html/r7255cf0be3566f23a768e2a04b40fb09e52fcd1872695428ba9afe91%40%3Cusers.airflow.apache.org%3E
Apache Airflow security vulnerabilities fixed in v1.10.11: CVE-2020-9485, CVE-2020-11978, CVE-2020-11981, CVE-2020-11982, CVE-2020-11983, CVE-2020-13927 - Pony MailMailing List;Vendor Advisory
Jump to