PT-2023-4067 · Apache · Apache Airflow Hive Provider
Son Tran
·
Published
2023-07-12
·
Updated
2024-10-04
·
CVE-2023-37415
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Apache Airflow Apache Hive Provider versions prior to 6.1.2
Description
The issue is related to improper input validation, which can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected information.
Recommendations
For Apache Airflow Apache Hive Provider versions prior to 6.1.2, update the provider version to 6.1.2 to avoid this issue.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Airflow Hive Provider