CVE-2023-39508
HIGHApache Airflow < 2.6.0 - Authenticated Privilege Escalation and DAG Access Bypass via Run Task Feature
Title source: llmDescription
Execution with Unnecessary Privileges, : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow.The "Run Task" feature enables authenticated user to bypass some of the restrictions put in place. It allows to execute code in the webserver context as well as allows to bypas limitation of access the user has to certain DAGs. The "Run Task" feature is considered dangerous and it has been removed entirely in Airflow 2.6.0 This issue affects Apache Airflow: before 2.6.0.
References (3)
Core 3
Core References
Not Applicable
http://seclists.org/fulldisclosure/2023/Jul/43
Patch, Vendor Advisory patch
https://github.com/apache/airflow/pull/29706
Mailing List, Vendor Advisory vendor-advisory
https://lists.apache.org/thread/j2nkjd0zqvtqk85s6ywpx3c35pvzyx15
Scores
CVSS v3
8.8
EPSS
0.0236
EPSS Percentile
81.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-200
CWE-250
Status
published
Products (2)
apache/airflow
< 2.6.0
pypi/apache-airflow
0 - 2.6.0b1PyPI
Published
Aug 05, 2023
Tracked Since
Feb 18, 2026