PT-2026-45382 · Apache · Apache Airflow
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Apache Airflow versions prior to 3.2.2
Description
The EmailOperator and
airflow.utils.email helpers establish SMTP STARTTLS connections without verifying the remote certificate when the deployment is configured with smtp starttls=True and smtp ssl=False. This allows an attacker positioned between the worker and the SMTP server to perform a Man-in-the-Middle (MITM) attack by presenting a self-signed certificate. Consequently, the attacker can silently complete the STARTTLS handshake and capture SMTP AUTH credentials and the contents of forwarded messages.Recommendations
Upgrade to version 3.2.2 or later.
Exploit
Fix
Improper Certificate Validation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Airflow