unauthenticated-airflow-instance: Unauthenticated Airflow Instance

漏洞描述

PoC代码[已公开]

id: unauthenticated-airflow-instance

info:
  name: Unauthenticated Airflow Instance
  author: dhiyaneshDK
  severity: high
  description: Airflow Instance is exposed.
  classification:
    cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    vendor: apache
    product: airflow
    shodan-query: title:"Airflow - DAGs"
  tags: apache,airflow,unauth,misconfig,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}"
      - "{{BaseURL}}/admin/"

    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<title>Airflow - DAGs</title>"

      - type: status
        status:
          - 200
# digest: 490a0046304402200e91fe02abd2813b23272561272e70214ac2b810e427b66896b4264a619a86ed0220472a8d3b3d23f1cef6226f2c2d85fb6b3c60cc94d4c44152d7b9494f74a8f40d:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• POC CVE-2020-11978: Apache Airflow <=1.10.10 - Remote Code Execution
• POC CVE-2020-13927: Airflow Experimental <1.10.11 - REST API Auth Bypass
• POC CVE-2020-17526: Apache Airflow <1.10.14 - Authentication Bypass
• POC CVE-2021-38540: Apache Airflow - Unauthenticated Variable Import
• POC CVE-2022-24288: Apache Airflow OS Command Injection
• POC CVE-2022-40127: AirFlow < 2.4.0 - Remote Code Execution
• POC CVE-2020-11981: Apache Airflow <=1.10.10 - Command Injection
• POC CVE-2020-17526: Apache Airflow <1.10.14 - Authentication Bypass
• POC airflow-unauth: Airflow Unauth
• POC airflow-default-login: Apache Airflow Default Login
• POC airflow-v3-default-login: Apache Airflow v3 Default Login
• POC airflow-configuration-exposure: Apache Airflow Configuration Page - Detect
• POC airflow-debug: Airflow Debug Trace