February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Active Emotet – IOCs
December 21, 2020Rewterz Threat Advisory – CVE-2020-26422 – Wireshark denial of service
December 22, 2020Rewterz Threat Alert – Active Emotet – IOCs
December 21, 2020Rewterz Threat Advisory – CVE-2020-26422 – Wireshark denial of service
December 22, 2020
Severity
High
Analysis Summary
Apache Airflow could allow a remote authenticated attacker to bypass security restrictions, caused by improper session validation in the Webserver when using default configuration. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain access to the Airflow Webserver on different site.
Impact
Security bypass
Affected Vendors
Apache
Affected Products
Apache Airflow 1.10.13
Remediation
Upgrade to the latest version of Apache Airflow (1.10.14 or later).