CVE-2023-22884 - Vulnerability Details - OpenCVE

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider.This issue affects Apache Airflow: before 2.5.1; Apache Airflow MySQL Provider: before 4.0.0.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Apache	Airflow Apache-airflow-providers-mysql

Configuration 1 [-]

OR	cpe:2.3:a:apache:airflow::::::::
	cpe:2.3:a:apache:apache-airflow-providers-mysql::::::::

No data.

References

Link	Providers
https://github.com/apache/airflow/pull/28811
https://lists.apache.org/thread/0l0j3nt0t7fzrcjl2ch0jgj6c58kxs5h

History

Mon, 31 Mar 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2023-01-21T13:02:49.475Z

Updated: 2025-03-31T14:53:54.464Z

Reserved: 2023-01-09T19:22:17.207Z

Link: CVE-2023-22884

Vulnrichment

Updated: 2024-08-02T10:20:31.113Z

NVD

Status : Modified

Published: 2023-01-21T14:15:10.280

Modified: 2025-03-31T15:15:39.513

Link: CVE-2023-22884

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-22884", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2023-01-09T19:22:17.207Z", "datePublished": "2023-01-21T13:02:49.475Z", "dateUpdated": "2025-03-31T14:53:54.464Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache Airflow", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "2.5.1", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Apache Airflow MySQL Provider", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "4.0.0", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "Son Tran from VNPT - VCI"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider.<p>This issue affects Apache Airflow: before 2.5.1; Apache Airflow MySQL Provider: before 4.0.0.</p>"}], "value": "Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider.This issue affects Apache Airflow: before 2.5.1; Apache Airflow MySQL Provider: before 4.0.0.\n\n"}], "metrics": [{"other": {"content": {"text": "important"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-07-12T10:11:50.999Z"}, "references": [{"tags": ["patch"], "url": "https://github.com/apache/airflow/pull/28811"}, {"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/0l0j3nt0t7fzrcjl2ch0jgj6c58kxs5h"}], "source": {"discovery": "UNKNOWN"}, "title": "Apache Airflow, Apache Airflow MySQL Provider: Arbitrary file read via MySQL provider in Apache Airflow", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:20:31.113Z"}, "title": "CVE Program Container", "references": [{"tags": ["patch", "x_transferred"], "url": "https://github.com/apache/airflow/pull/28811"}, {"tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.apache.org/thread/0l0j3nt0t7fzrcjl2ch0jgj6c58kxs5h"}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-03-31T14:53:11.693659Z", "id": "CVE-2023-22884", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-31T14:53:54.464Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/apache/airflow/pull/28811", "tags": ["patch", "x_transferred"]}, {"url": "https://lists.apache.org/thread/0l0j3nt0t7fzrcjl2ch0jgj6c58kxs5h", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:20:31.113Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-22884", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-03-31T14:53:11.693659Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-31T14:53:23.409Z"}}], "cna": {"title": "Apache Airflow, Apache Airflow MySQL Provider: Arbitrary file read via MySQL provider in Apache Airflow", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "value": "Son Tran from VNPT - VCI"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "important"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache Airflow", "versions": [{"status": "affected", "version": "0", "lessThan": "2.5.1", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Apache Software Foundation", "product": "Apache Airflow MySQL Provider", "versions": [{"status": "affected", "version": "0", "lessThan": "4.0.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/apache/airflow/pull/28811", "tags": ["patch"]}, {"url": "https://lists.apache.org/thread/0l0j3nt0t7fzrcjl2ch0jgj6c58kxs5h", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider.This issue affects Apache Airflow: before 2.5.1; Apache Airflow MySQL Provider: before 4.0.0.\n\n", "supportingMedia": [{"type": "text/html", "value": "Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider.<p>This issue affects Apache Airflow: before 2.5.1; Apache Airflow MySQL Provider: before 4.0.0.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-07-12T10:11:50.999Z"}}}, "cveMetadata": {"cveId": "CVE-2023-22884", "state": "PUBLISHED", "dateUpdated": "2025-03-31T14:53:54.464Z", "dateReserved": "2023-01-09T19:22:17.207Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2023-01-21T13:02:49.475Z", "assignerShortName": "apache"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*", "matchCriteriaId": "6EE25360-80C2-4C03-BCE7-2BB27E1CB42C", "versionEndExcluding": "2.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:apache-airflow-providers-mysql:*:*:*:*:*:*:*:*", "matchCriteriaId": "952569EF-9DEF-43CF-9329-EF0DB30FA5FF", "versionEndExcluding": "4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider.This issue affects Apache Airflow: before 2.5.1; Apache Airflow MySQL Provider: before 4.0.0.\n\n"}, {"lang": "es", "value": " Neutralizaci\u00f3n inadecuada de elementos especiales utilizados en una vulnerabilidad de comando (\"Inyecci\u00f3n de comando\") en Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider. Este problema afecta a Apache Airflow: antes de 2.5.1; Apache Airflow MySQL Provider: anterior a 4.0.0."}], "id": "CVE-2023-22884", "lastModified": "2025-03-31T15:15:39.513", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-01-21T14:15:10.280", "references": [{"source": "security@apache.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/apache/airflow/pull/28811"}, {"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.apache.org/thread/0l0j3nt0t7fzrcjl2ch0jgj6c58kxs5h"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/apache/airflow/pull/28811"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.apache.org/thread/0l0j3nt0t7fzrcjl2ch0jgj6c58kxs5h"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "security@apache.org", "type": "Secondary"}]}