Rewterz Threat Alert – Snake Keylogger Malware – Active IOCs
August 18, 2023Rewterz Threat Advisory – CVE-2023-2122 – WordPress Image Optimizer by 10web Plugin Vulnerability
August 18, 2023Rewterz Threat Alert – Snake Keylogger Malware – Active IOCs
August 18, 2023Rewterz Threat Advisory – CVE-2023-2122 – WordPress Image Optimizer by 10web Plugin Vulnerability
August 18, 2023Severity
High
Analysis Summary
CVE-2023-40272
Apache Airflow Spark Provider could allow a remote attacker to obtain sensitive information, caused by a flaw in the JDBC. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to read arbitrary files on the Airflow server, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-40272
Affected Vendors
Apache
Affected Products
- Apache Airflow Spark Provider 4.1.2
Remediation
Upgrade to the latest version of Apache Airflow Spark Provider, available from the Apache Website.