CVE-2020-17526
Published at:
-
21-12-2020 06:15
Last modified:
-
26-04-2022 06:12
Total changes:
-
4
Description
Common Vulnerability Scoring System (CVSS)
Low
Attack complexity
Network
Attack vector
None
Availability
High
Confidentiality
None
Integrity
Low
Privileges required
Changed
Scope
None
User interaction
7.7
Base score
3.1
4.0
Exploitability score
Impact score
Verification logic
Reference
- https://lists.apache.org/thread.html/rbeeb73a6c741f2f9200d83b9c2220610da314810c4e8c9cf881d47ef%40%3Cusers.airflow.apache.org%3E
- [oss-security] 20201221 CVE-2020-17526: Apache Airflow Incorrect Session Validation in Airflow Webserver with default config-Mailing List, Third Party Advisory
- [announce] 20210623 Success at Apache: Security in Practice-Mailing List, Vendor Advisory
Keywords