23 Jan 2019
CVE-2017-17836 - CVE Vulnerability
In Apache Airflow 1.8.2 and earlier, an experimental Airflow feature displayed authenticated cookies, as well as passwords to databases used by Airflow. An attacker who has limited access to airflow, weather it be via XSS or by leaving a machine unlocked can exfil all credentials from the system. (CVSS:0.0) (Last Update:2019-01-23)
Vulnerability Details : In Apache Airflow 1.8.2 and earlier, an experimental Airflow feature displayed authenticated cookies, as well as passwords to databases used by Airflow. An attacker who has limited access to airflow, weather it be via XSS or by leaving a machine unlocked can exfil all credentials from the system. Publish Date : 2019-01-23 Last Update Date : 2019-01-23 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2017-17836
- References For CVE-2017-17836
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2017-17836There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |