{"vulnerability": "CVE-2020-1392", "sightings": [{"uuid": "98807c1f-fdca-4653-bf84-b5c8981ecde6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13927", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "6b891fbd-9f80-4e28-8d07-3ec178930740", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13927", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971211", "content": "", "creation_timestamp": "2024-12-24T20:25:56.428060Z"}, {"uuid": "74821096-5a30-45fe-90de-dee1d55753c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13927", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "a6901b85-3533-478e-a623-3c173c1cf667", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13927", "type": "seen", "source": "https://t.me/arpsyndicate/983", "content": "#ExploitObserverAlert\n\nCVE-2020-13927\n\nDESCRIPTION: Exploit Observer has 11 entries related to CVE-2020-13927. The previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but this poses security risks to users who miss this fact. From Airflow 1.10.11 the default has been changed to deny all requests by default and is documented at https://airflow.apache.org/docs/1.10.11/security.html", "creation_timestamp": "2023-12-03T17:00:14.000000Z"}, {"uuid": "6e64ab04-92b9-45b4-86a7-523985d13c05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13927", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:26.000000Z"}, {"uuid": "9c06c9c8-77f4-42d3-90ff-bbf952c2c13f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13927", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:12:58.000000Z"}, {"uuid": "bde997fc-cac5-4945-b502-29405ac1b48b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13927", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:24.000000Z"}, {"uuid": "b84862cc-ee2a-4de3-bb37-6267c5326e7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13927", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/apache_airflow_dag_rce.rb", "content": "", "creation_timestamp": "2023-09-18T22:16:38.000000Z"}, {"uuid": "6e86d769-8729-4322-b75a-a308b30b10d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-13927", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/dbec7607-7776-4e23-bea0-3345a82f3aaf", "content": "", "creation_timestamp": "2026-02-02T12:28:28.573970Z"}, {"uuid": "838763d4-ff6c-4433-ab98-73f91616d2e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13924", "type": "seen", "source": "https://t.me/cibsecurity/24991", "content": "\u203c CVE-2020-13924 \u203c\n\nIn Apache Ambari versions 2.6.2.2 and earlier, malicious users can construct file names for directory traversal and traverse to other directories to download files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-17T11:30:50.000000Z"}, {"uuid": "ff8b32fd-7617-4aee-888f-3acc00670278", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13929", "type": "seen", "source": "https://t.me/cibsecurity/28241", "content": "\u203c CVE-2020-13929 \u203c\n\nAuthentication bypass vulnerability in Apache Zeppelin allows an attacker to bypass Zeppelin authentication mechanism to act as another user. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-02T20:37:35.000000Z"}, {"uuid": "ab22d894-18a0-456a-b509-da53678bc845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13927", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/579", "content": "CVE-2020-13927 CVE-2020-11978 Apache Airflow 1.10.10 - 'Example Dag'\u9060\u7a0b\u547d\u4ee4\u57f7\u884c\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2020-13927_CVE-2020-11978_Apache_Airflow_1.10.10_-_%27Example_Dag%27%E9%81%A0%E7%A8%8B%E5%91%BD%E4%BB%A4%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-06-03T00:39:25.000000Z"}, {"uuid": "7688d25d-a5de-4941-a1ec-8f8bfd1b40bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13922", "type": "seen", "source": "https://t.me/cibsecurity/21897", "content": "\u203c CVE-2020-13922 \u203c\n\nVersions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary user under any tenant to override another users password through the API interface.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-11T12:45:19.000000Z"}, {"uuid": "9a73d5a4-efe2-4d95-b41d-4761f73ca2ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13921", "type": "seen", "source": "https://t.me/cibsecurity/13891", "content": "ATENTION\u203c New - CVE-2020-13921\n\n**Resolved** Only when using H2/MySQL/TiDB as Apache SkyWalking storage, there is a SQL injection vulnerability in the wildcard query cases.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-05T18:55:23.000000Z"}, {"uuid": "686a4b44-eacd-41c4-b351-1d75a6138b0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13927", "type": "seen", "source": "https://t.me/cibsecurity/16094", "content": "\u203c CVE-2020-13927 \u203c\n\nThe previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but this poses security risks to users who miss this fact. From Airflow 1.10.11 the default has been changed to deny all requests by default and is documented at https://airflow.apache.org/docs/1.10.11/security.html#api-authentication. Note this change fixes it for new installs but existing users need to change their config to default `[api]auth_backend = airflow.api.auth.backend.deny_all` as mentioned in the Updating Guide: https://github.com/apache/airflow/blob/1.10.11/UPDATING.md#experimental-api-will-deny-all-request-by-default\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-10T18:27:36.000000Z"}]}