Severity

Medium

Analysis Summary

CVE-2020-11978

A command injection vulnerability exists in Apache Airflow. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system.

Impact

• Code Execution
• Unauthorized Access

Affected Vendors

Apache

Affected Products

Apache Airflow 1.10.10 and prior

Remediation

Update your Security Gateway product to the latest IPS update

https://www.checkpoint.com/defense/advisories/public/2021/cpai-2020-3368.html#protection