March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Advisory – CVE-2022-3075 – Google Chrome Mojo Vulnerability
September 5, 2022
Rewterz Threat Alert – Mirai Botnet – Active IOCs
September 5, 2022
Rewterz Threat Advisory – CVE-2022-3075 – Google Chrome Mojo Vulnerability
September 5, 2022
Rewterz Threat Alert – Mirai Botnet – Active IOCs
September 5, 2022
Severity
High
Analysis Summary
CVE-2022-38170 CVSS:5.5
Apache Airflow could allow a local authenticated attacker to obtain sensitive information, caused by a race condition when running with the “–deamon” flag with insecure umask configured. By sending a specially-crafted request, an attacker could exploit this vulnerability to arbitrary file contents, and use this information to launch further attacks against the affected system.
CVE-2022-38054 CVSS:9.1
Apache Airflow could allow a remote attacker to hijack a user’s session, caused by a session fixation flaw in the “database” webserver session backende. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain access to another user’s session.
Impact
- Information Disclosure
- Unauthorized Access
Indicators Of Compromise
CVE
- CVE-2022-38170
- CVE-2022-38054
Affected Vendors
Apache
Affected Products
- Apache Airflow 2.3.3
- Apache Airflow 2.2.4
Remediation
Upgrade to the latest version of Apache Airflow, available from the Apache Web site.