CVE-2023-35798 - Vulnerability Details - OpenCVE

Input Validation vulnerability in Apache Software Foundation Apache Airflow ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider.This vulnerability is considered low since it requires DAG code to use `get_sqlalchemy_connection` and someone with access to connection resources specifically updating the connection to exploit it. This issue affects Apache Airflow ODBC Provider: before 4.0.0; Apache Airflow MSSQL Provider: before 3.4.1. It is recommended to upgrade to a version that is not affected

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Apache	Apache-airflow-providers-microsoft-mssql Apache-airflow-providers-odbc

Configuration 1 [-]

OR	cpe:2.3:a:apache:apache-airflow-providers-microsoft-mssql::::::::
	cpe:2.3:a:apache:apache-airflow-providers-odbc::::::::

No data.

References

Link	Providers
https://github.com/apache/airflow/pull/31984
https://lists.apache.org/thread/951rb9m7wwox5p30tdvcfjxq8j1mp4pj

History

Mon, 07 Oct 2024 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2023-06-27T11:39:51.759Z

Updated: 2024-10-07T18:25:05.749Z

Reserved: 2023-06-17T20:00:14.715Z

Link: CVE-2023-35798

Vulnrichment

Updated: 2024-08-02T16:30:45.384Z

NVD

Status : Modified

Published: 2023-06-27T12:15:13.340

Modified: 2024-11-21T08:08:43.810

Link: CVE-2023-35798

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-35798", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2023-06-17T20:00:14.715Z", "datePublished": "2023-06-27T11:39:51.759Z", "dateUpdated": "2024-10-07T18:25:05.749Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache Airflow ODBC Provider", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "4.0.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Apache Airflow MSSQL Provider", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "3.4.1", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "id_No2015429 of 3H Secruity Team"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Input Validation vulnerability in Apache Software Foundation Apache Airflow ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider.<p>This vulnerability is considered low since it requires DAG code to use `<span style=\"background-color: rgb(255, 255, 255);\">get_sqlalchemy_connection` and someone with access to connection resources specifically updating the connection to <span style=\"background-color: rgb(255, 255, 255);\">exploit it.</span><br></span><br>This issue affects Apache Airflow ODBC Provider: before 4.0.0; Apache Airflow MSSQL Provider: before 3.4.1.<br><br>It is recommended to <span style=\"background-color: rgb(255, 255, 255);\">upgrade to a version that is not affected</span></p>"}], "value": "Input Validation vulnerability in Apache Software Foundation Apache Airflow ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider.This\u00a0vulnerability is considered low since it requires DAG code to use `get_sqlalchemy_connection` and someone with access to connection resources specifically\u00a0updating the connection to exploit it.\n\nThis issue affects Apache Airflow ODBC Provider: before 4.0.0; Apache Airflow MSSQL Provider: before 3.4.1.\n\nIt is recommended to\u00a0upgrade to a version that is not affected\n\n"}], "metrics": [{"other": {"content": {"text": "low"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-06-27T11:39:51.759Z"}, "references": [{"tags": ["patch"], "url": "https://github.com/apache/airflow/pull/31984"}, {"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/951rb9m7wwox5p30tdvcfjxq8j1mp4pj"}], "source": {"discovery": "UNKNOWN"}, "title": "Airflow Apache ODBC and MSSQL Providers Arbitrary File Read Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:30:45.384Z"}, "title": "CVE Program Container", "references": [{"tags": ["patch", "x_transferred"], "url": "https://github.com/apache/airflow/pull/31984"}, {"tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.apache.org/thread/951rb9m7wwox5p30tdvcfjxq8j1mp4pj"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-07T18:24:53.811281Z", "id": "CVE-2023-35798", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-07T18:25:05.749Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/apache/airflow/pull/31984", "tags": ["patch", "x_transferred"]}, {"url": "https://lists.apache.org/thread/951rb9m7wwox5p30tdvcfjxq8j1mp4pj", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:30:45.384Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-35798", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-07T18:24:53.811281Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-07T18:25:00.131Z"}}], "cna": {"title": "Airflow Apache ODBC and MSSQL Providers Arbitrary File Read Vulnerability", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "id_No2015429 of 3H Secruity Team"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "low"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache Airflow ODBC Provider", "versions": [{"status": "affected", "version": "0", "lessThan": "4.0.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Apache Software Foundation", "product": "Apache Airflow MSSQL Provider", "versions": [{"status": "affected", "version": "0", "lessThan": "3.4.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/apache/airflow/pull/31984", "tags": ["patch"]}, {"url": "https://lists.apache.org/thread/951rb9m7wwox5p30tdvcfjxq8j1mp4pj", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Input Validation vulnerability in Apache Software Foundation Apache Airflow ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider.This\u00a0vulnerability is considered low since it requires DAG code to use `get_sqlalchemy_connection` and someone with access to connection resources specifically\u00a0updating the connection to exploit it.\n\nThis issue affects Apache Airflow ODBC Provider: before 4.0.0; Apache Airflow MSSQL Provider: before 3.4.1.\n\nIt is recommended to\u00a0upgrade to a version that is not affected\n\n", "supportingMedia": [{"type": "text/html", "value": "Input Validation vulnerability in Apache Software Foundation Apache Airflow ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider.<p>This vulnerability is considered low since it requires DAG code to use `<span style=\"background-color: rgb(255, 255, 255);\">get_sqlalchemy_connection` and someone with access to connection resources specifically updating the connection to <span style=\"background-color: rgb(255, 255, 255);\">exploit it.</span><br></span><br>This issue affects Apache Airflow ODBC Provider: before 4.0.0; Apache Airflow MSSQL Provider: before 3.4.1.<br><br>It is recommended to <span style=\"background-color: rgb(255, 255, 255);\">upgrade to a version that is not affected</span></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-06-27T11:39:51.759Z"}}}, "cveMetadata": {"cveId": "CVE-2023-35798", "state": "PUBLISHED", "dateUpdated": "2024-10-07T18:25:05.749Z", "dateReserved": "2023-06-17T20:00:14.715Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2023-06-27T11:39:51.759Z", "assignerShortName": "apache"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:apache-airflow-providers-microsoft-mssql:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9FB443E-58DC-4042-A711-2B894702A7DD", "versionEndExcluding": "3.4.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:apache-airflow-providers-odbc:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE2E9274-3948-4F37-B357-B2885997037A", "versionEndExcluding": "4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Input Validation vulnerability in Apache Software Foundation Apache Airflow ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider.This\u00a0vulnerability is considered low since it requires DAG code to use `get_sqlalchemy_connection` and someone with access to connection resources specifically\u00a0updating the connection to exploit it.\n\nThis issue affects Apache Airflow ODBC Provider: before 4.0.0; Apache Airflow MSSQL Provider: before 3.4.1.\n\nIt is recommended to\u00a0upgrade to a version that is not affected\n\n"}], "id": "CVE-2023-35798", "lastModified": "2024-11-21T08:08:43.810", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-06-27T12:15:13.340", "references": [{"source": "security@apache.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/apache/airflow/pull/31984"}, {"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/951rb9m7wwox5p30tdvcfjxq8j1mp4pj"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/apache/airflow/pull/31984"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/951rb9m7wwox5p30tdvcfjxq8j1mp4pj"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "security@apache.org", "type": "Secondary"}]}