Apache Airflow has been affected by a high seviert vulnerability that could expose sensitive configuration data, potentially compromising system security.
The vulnerability, tracked as CVE-2024-45784 with a CVSS score of 7.5, stems from the platform’s failure to mask sensitive configuration values in task logs by default.
Once exploited, sensitive information such as API keys, database credentials, or other critical secrets. If unauthorized users gain access to these logs, they could exploit this exposed data to compromise the entire Airflow deployment.
All versions up to 2.10.2 are vulnerable, and the Apache Airflow team has addressed this vulnerability in version 2.10.3. All users are strongly advised to upgrade to this version or later immediately.
Organizations should review their Airflow logs for any potentially exposed secrets. If sensitive information is found, it is crucial to rotate those secrets as a precautionary measure.
Nice information 🌺🌺