PT-2020-6688 · Redis+2 · Redis+2
Adam Goldschmit
·
Published
2020-07-13
·
Updated
2024-03-06
·
CVE-2020-11981
CVSS v4.0
10
Critical
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Apache Airflow versions 1.10.10 and below
Description
The issue allows an attacker to inject commands if they can connect directly to the broker, such as Redis or RabbitMQ, when using CeleryExecutor. This can result in the celery worker running arbitrary commands. The vulnerability is related to the lack of protection measures for the web page structure, which can be exploited by a remote attacker to execute arbitrary commands.
Recommendations
For Apache Airflow versions 1.10.10 and below, consider disabling the CeleryExecutor until a patch is available to prevent command injection.
Restrict access to the broker, such as Redis or RabbitMQ, to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Airflow
Rabbitmq
Redis