Rewterz Threat Advisory – Multiple SolarWinds Orion Platform Vulnerabilities
November 24, 2022Rewterz Threat Alert – APT32 Sea Lotus – Active IOCs
November 24, 2022Severity
High
Analysis Summary
CVE-2022-38649 CVSS:9.8
Apache Airflow Pinot Provider and Apache Airflow could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw in PinotAdminHook. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2022-40189 CVSS:9.8
Apache Airflow Pig Provider and Apache Airflow could allow a remote attacker to execute arbitrary commands on the system, caused by a command injection flaw in the task execution context. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2022-40954 CVSS:9.8
Apache Airflow Spark Provider and Apache Airflow could allow a remote attacker to execute arbitrary commands on the system, caused by a command injection flaw in the task execution context. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2022-41131 CVSS:9.8
Apache Airflow Hive Provider and Apache Airflow could allow a remote attacker to execute arbitrary commands on the system, caused by a command injection flaw in the task execution context. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Impact
Command Execution
Indicators Of Compromise
CVE
- CVE-2022-38649
- CVE-2022-40189
- CVE-2022-40954
- CVE-2022-41131
Affected Vendors
Apache
Affected Products
- Apache Airflow 2.2.5
- Apache Airflow Pinot Provider 3.0.0
Remediation
Refer to Apache Airflow GIT Repository for patch, upgrade or suggested workaround information.