Rewterz Threat Advisory – Multiple Apache Pulsar Vulnerabilities
September 29, 2022Rewterz Threat Advisory – Multiple Cisco SD-WAN Software Vulnerabilities
September 29, 2022Rewterz Threat Advisory – Multiple Apache Pulsar Vulnerabilities
September 29, 2022Rewterz Threat Advisory – Multiple Cisco SD-WAN Software Vulnerabilities
September 29, 2022Severity
High
Analysis Summary
CVE-2022-40604
Apache Airflow could allow a remote attacker to obtain sensitive information, caused by improper URL formatting. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2022-40604
Affected Vendors
Apache
Affected Products
- Apache Airflow 2.3.4
- Apache Airflow 2.3.0
Remediation
Refer to Apache Security Advisory for patch, upgrade or suggested workaround information.