HTTP: Apache Airflow Command injection
This signature detects attempts to exploit a known vulnerability against Apache Airflow. A successful attack can lead to command injection and arbitrary code execution.
Extended Description
Example DAG: example_inlet_event_extra.py shipped with Apache Airflow version 2.10.0 has a vulnerability that allows an authenticated attacker with only DAG trigger permission to execute arbitrary commands. If you used that example as the base of your DAGs - please review if you have not copied the dangerous example; see https://github.com/apache/airflow/pull/41873 for more information. We recommend against exposing the example DAGs in your deployment. If you must expose the example DAGs, upgrade Airflow to version 2.10.1 or later.
Affected Products
Apache airflow
References
CVE: CVE-2024-45498
Short Name
HTTP:APACHE:AIRFLOW-CMD-INJECTN
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Airflow Apache CVE-2024-45498 Command injection
Release Date
12/17/2024
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3814
False Positive
Rarely
Vendors
Apache