gsd-2022-38362
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Apache Airflow Docker's Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host.
Aliases
Aliases
CVE-2022-38362


To clipboard 

{
  "GSD": {
    "alias": "CVE-2022-38362",
    "description": "Apache Airflow Docker\u0027s Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host.",
    "id": "GSD-2022-38362"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-38362"
      ],
      "details": "Apache Airflow Docker\u0027s Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host.",
      "id": "GSD-2022-38362",
      "modified": "2023-12-13T01:19:22.382829Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@apache.org",
        "ID": "CVE-2022-38362",
        "STATE": "PUBLIC",
        "TITLE": "Docker Provider \u003c3.0 RCE vulnerability in example dag"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Apache Airflow",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "Apache Airflow Docker Provider",
                          "version_value": "3.0.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apache Software Foundation"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "Thanks to Kai Zhao of 3H Secruity Team for reporting this"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Apache Airflow Docker\u0027s Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": [
        {}
      ],
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Remote Code Execution"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://lists.apache.org/thread/614p38nf4gbk8xhvnskj9b1sqo2dknkb",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread/614p38nf4gbk8xhvnskj9b1sqo2dknkb"
          },
          {
            "name": "[oss-security] 20220816 CVE-2022-38362: Apache Airflow Docker Provider \u003c3.0 RCE vulnerability in example dag",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2022/08/16/1"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      },
      "work_around": [
        {
          "lang": "eng",
          "value": "Disable loading of example DAGs or upgrade the apache-airflow-providers-docker to 3.0.0 or above"
        }
      ]
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c3.0.0",
          "affected_versions": "All versions before 3.0.0",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937"
          ],
          "date": "2023-04-13",
          "description": "Apache Airflow Docker\u0027s Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host.",
          "fixed_versions": [
            "3.0.0"
          ],
          "identifier": "CVE-2022-38362",
          "identifiers": [
            "GHSA-746v-hfh2-xphm",
            "CVE-2022-38362"
          ],
          "not_impacted": "All versions starting from 3.0.0",
          "package_slug": "pypi/apache-airflow-providers-docker",
          "pubdate": "2022-08-17",
          "solution": "Upgrade to version 3.0.0 or above.",
          "title": "Remote code execution in Apache Airflow Docker\u0027s Provider",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2022-38362",
            "https://lists.apache.org/thread/614p38nf4gbk8xhvnskj9b1sqo2dknkb",
            "http://www.openwall.com/lists/oss-security/2022/08/16/1",
            "https://github.com/advisories/GHSA-746v-hfh2-xphm"
          ],
          "uuid": "07ab1e90-d61c-472d-a324-b54e7f441bc4"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:apache-airflow-providers-docker:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2022-38362"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Apache Airflow Docker\u0027s Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "N/A",
              "refsource": "CONFIRM",
              "tags": [
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread/614p38nf4gbk8xhvnskj9b1sqo2dknkb"
            },
            {
              "name": "[oss-security] 20220816 CVE-2022-38362: Apache Airflow Docker Provider \u003c3.0 RCE vulnerability in example dag",
              "refsource": "MLIST",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2022/08/16/1"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-08-17T12:20Z",
      "publishedDate": "2022-08-16T14:15Z"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.