Lucene search
HistoryNov 15, 2022 - 9:15 a.m.
CVE-2022-45402
cve-2022-45402
apache airflow
open redirect
webserver
login endpoint
nvd
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.5%
In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver’s /login endpoint.
Affected configurations
Node
apacheairflowRange≤2.4.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache:airflow | apache airflow | lt | 2.4.3 |
CNA Affected
[
{
"vendor": "Apache Software Foundation",
"product": "Apache Airflow",
"versions": [
{
"version": "unspecified",
"lessThan": "2.4.3",
"status": "affected",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
veracode
veracode
Open Redirect
2022-11-16 04:05:07
osv
osv
BIT-airflow-2022-45402
2024-03-06 10:56:02
PYSEC-2022-42984
2022-11-15 09:15:00
CVE-2022-45402
2022-11-15 09:15:09
hackerone
hackerone
nvd
nvd
CVE-2022-45402
2022-11-15 09:15:09
prion
prion
Open redirect
2022-11-15 09:15:00
cvelist
cvelist
CVE-2022-45402 Apache Airflow: Open redirect during login
2022-11-15 00:00:00
github
github
Apache Airflow Contains Open Redirect
2022-11-15 12:00:15
cnvd
cnvd
Apache Airflow Input Validation Error Vulnerability (CNVD-2022-78860)
2022-11-17 00:00:00
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.5%
Related for CVE-2022-45402