8.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-45498

GHSA ID

GHSA-c392-whpc-vfpr

EPSS Score

0.78002%

CWE

CWE-116

Published

9/7/2024

Updated

11/25/2024

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-45498

CVE-2024-45498:
Apache Airflow vulnerable to Improper Encoding or Escaping of Output

Example DAG: example_inlet_event_extra.py shipped with Apache Airflow version 2.10.0 has a vulnerability that allows an authenticated attacker with only DAG trigger permission to execute arbitrary commands. If you used that example as the base of your DAGs - please review if you have not copied the dangerous example; see https://github.com/apache/airflow/pull/41873 for more information. We recommend against exposing the example DAGs in your deployment. If you must expose the example DAGs, upgrade Airflow to version 2.10.1 or later.

(GitHub Advisory)

8.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-45498

GHSA ID

GHSA-c392-whpc-vfpr

EPSS Score

0.78002%

CWE

CWE-116

Published

9/7/2024

Updated

11/25/2024

KEV Status

Technology

Python

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
apache-airflow	pip	= 2.10.0	2.10.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from the unescaped Jinja template variable in the BashOperator's bash_command parameter. The patch adds the |tojson filter to properly escape the output, confirming the lack of output encoding was the root cause. The example DAG's code explicitly demonstrates this insecure pattern, making the BashOperator instance in example_inlet_event_extra.py the vulnerable component.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*x*mpl* ***: *x*mpl*_inl*t_*v*nt_*xtr*.py s*ipp** wit* *p**** *ir*low v*rsion *.**.* **s * vuln*r**ility t**t *llows *n *ut**nti**t** *tt**k*r wit* only *** tri***r p*rmission to *x**ut* *r*itr*ry *omm*n*s. I* you us** t**t *x*mpl* *s t** **s* o* you

Reasoning

T** vuln*r**ility st*ms *rom t** un*s**p** Jinj* t*mpl*t* v*ri**l* in t** **s*Op*r*tor's **s*_*omm*n* p*r*m*t*r. T** p*t** ***s t** |tojson *ilt*r to prop*rly *s**p* t** output, *on*irmin* t** l**k o* output *n*o*in* w*s t** root **us*. T** *x*mpl* *

8.8

Basic Information

Concerned about an active attack path?

CVE-2024-45498: Apache Airflow vulnerable to Improper Encoding or Escaping of Output

8.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2024-45498:
Apache Airflow vulnerable to Improper Encoding or Escaping of Output

Vulnerability Intelligence
Miggo AI