{"vulnerability": "CVE-2023-4027", "sightings": [{"uuid": "efec1299-a319-423b-9038-e7683eb09c3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40273", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113791870409998283", "content": "", "creation_timestamp": "2025-01-08T08:49:08.152776Z"}, {"uuid": "17d67f67-ae1b-4d20-8864-fe67ec11687f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40273", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/679", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45033\n\ud83d\udd39 Description: Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider.\n\nThis issue affects Apache Airflow Fab Provider: before 1.5.2.\n\nWhen user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged users could continue to be logged in even after the password was changed. This only happened when the password was changed with CLI. The problem does not happen in case change was done with webserver thus this is different from\u00a0 CVE-2023-40273 https://github.com/advisories/GHSA-pm87-24wq-r8w9 \u00a0which was addressed in Apache-Airflow 2.7.0\n\n\nUsers are recommended to upgrade to version 1.5.2, which fixes the issue.\n\ud83d\udccf Published: 2025-01-08T08:41:39.579Z\n\ud83d\udccf Modified: 2025-01-08T08:41:39.579Z\n\ud83d\udd17 References:\n1. https://github.com/apache/airflow/pull/45139\n2. https://lists.apache.org/thread/yw535346rk766ybzpqtvrl36sjj789st", "creation_timestamp": "2025-01-08T09:12:24.000000Z"}, {"uuid": "155d3bc0-2275-4b95-8e42-ec9013714e02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40273", "type": "seen", "source": "https://t.me/ctinow/134615", "content": "https://ift.tt/fsdbUwx\nInternet Bug Bounty: CVE-2023-40273: Session fixation in Apache Airflow web interface", "creation_timestamp": "2023-09-04T16:03:01.000000Z"}, {"uuid": "0fd34506-e100-4d77-8e3b-d0c1f64d5933", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4027", "type": "seen", "source": "https://t.me/cvedetector/3381", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-4027 - WordPress Radio Player Unauthenticated Arbitrary Settings Modification\", \n  \"Content\": \"CVE ID : CVE-2023-4027 \nPublished : Aug. 17, 2024, 8:15 a.m. | 21\u00a0minutes ago \nDescription : The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_settings function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update plugin settings. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-17T10:37:23.000000Z"}, {"uuid": "7f02890b-3727-4a76-8ef3-71a704d4431b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40273", "type": "seen", "source": "https://t.me/cvedetector/14673", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45033 - Apache Airflow Fab Provider Insufficient Session Expiration Remote Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-45033 \nPublished : Jan. 8, 2025, 9:15 a.m. | 30\u00a0minutes ago \nDescription : Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider.  \n  \nThis issue affects Apache Airflow Fab Provider: before 1.5.2.  \n  \nWhen user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged users could continue to be logged in even after the password was changed. This only happened when the password was changed with CLI. The problem does not happen in case change was done with webserver thus this is different from\u00a0 CVE-2023-40273  \u00a0which was addressed in Apache-Airflow 2.7.0  \n  \n  \nUsers are recommended to upgrade to version 1.5.2, which fixes the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-08T10:47:49.000000Z"}, {"uuid": "44d62b75-4745-47fd-9cf7-fe895b33e23f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40275", "type": "seen", "source": "https://t.me/ctinow/211105", "content": "https://ift.tt/Af8PvyW\nCVE-2023-40275", "creation_timestamp": "2024-03-19T02:26:21.000000Z"}, {"uuid": "ccb235ea-d771-48c4-aae8-0a734c9acc71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40279", "type": "seen", "source": "https://t.me/ctinow/211521", "content": "https://ift.tt/mbAqOUC\nCVE-2023-40279", "creation_timestamp": "2024-03-19T14:26:50.000000Z"}, {"uuid": "9b5588be-46ce-461d-b41e-d4d4df6dfa7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40279", "type": "seen", "source": "https://t.me/ctinow/211524", "content": "https://ift.tt/mbAqOUC\nCVE-2023-40279", "creation_timestamp": "2024-03-19T14:26:53.000000Z"}, {"uuid": "92673416-a288-4198-9b8f-5deee7b4eb7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40275", "type": "seen", "source": "https://t.me/ctinow/211111", "content": "https://ift.tt/Af8PvyW\nCVE-2023-40275", "creation_timestamp": "2024-03-19T02:26:28.000000Z"}, {"uuid": "73d015c9-5e43-4a09-bd0f-a5ab5fd1a6d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40277", "type": "seen", "source": "https://t.me/ctinow/211107", "content": "https://ift.tt/vaOdXR2\nCVE-2023-40277", "creation_timestamp": "2024-03-19T02:26:24.000000Z"}, {"uuid": "9c7cabdc-77e5-4dd8-9c96-cf429fb0069b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40276", "type": "seen", "source": "https://t.me/ctinow/211106", "content": "https://ift.tt/59iLJN1\nCVE-2023-40276", "creation_timestamp": "2024-03-19T02:26:23.000000Z"}, {"uuid": "29d2cf7c-fd6f-4557-a55c-be772830106a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40276", "type": "seen", "source": "https://t.me/ctinow/211112", "content": "https://ift.tt/59iLJN1\nCVE-2023-40276", "creation_timestamp": "2024-03-19T02:26:29.000000Z"}, {"uuid": "08f8e825-f7d8-4680-bfd9-912212758d12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40274", "type": "seen", "source": "https://t.me/cibsecurity/68413", "content": "\u203c CVE-2023-40274 \u203c\n\nAn issue was discovered in zola 0.13.0 through 0.17.2. The custom implementation of a web server, available via the \"zola serve\" command, allows directory traversal. The handle_request function, used by the server to process HTTP requests, does not account for sequences of special path control characters (../) in the URL when serving a file, which allows one to escape the webroot of the server and read arbitrary files from the filesystem.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-14T07:19:02.000000Z"}, {"uuid": "81f7f8de-7dea-4b42-8be6-82f37fc1359c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40277", "type": "seen", "source": "https://t.me/ctinow/211113", "content": "https://ift.tt/vaOdXR2\nCVE-2023-40277", "creation_timestamp": "2024-03-19T02:26:30.000000Z"}, {"uuid": "6d765ba8-3e7b-4358-b16b-48f0efea275a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40278", "type": "seen", "source": "https://t.me/ctinow/211461", "content": "https://ift.tt/Wx0bXTY\nCVE-2023-40278", "creation_timestamp": "2024-03-19T13:31:16.000000Z"}, {"uuid": "a925dae0-4ec0-4039-b5e3-9fd035cc9687", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40278", "type": "seen", "source": "https://t.me/ctinow/211442", "content": "https://ift.tt/Wx0bXTY\nCVE-2023-40278", "creation_timestamp": "2024-03-19T13:26:42.000000Z"}, {"uuid": "e0410ad1-d1ad-4ad9-bd69-5d09b2f14120", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40271", "type": "seen", "source": "https://t.me/cibsecurity/70124", "content": "\u203c CVE-2023-40271 \u203c\n\nIn Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is used, with the single-part verification function (defined during the build-time configuration phase) implemented with a dedicated function (i.e., not relying on usage of multipart functions), the buffer comparison during the verification of the authentication tag does not happen on the full 16 bytes but just on the first 4 bytes, thus leading to the possibility that unauthenticated payloads might be identified as authentic. This affects TF-Mv1.6.0, TF-Mv1.6.1, TF-Mv1.7.0, and TF-Mv1.8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-08T07:19:16.000000Z"}, {"uuid": "5d8dccad-b26f-466b-8b73-c2ec8190010a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40273", "type": "seen", "source": "https://t.me/cibsecurity/69072", "content": "\u203c CVE-2023-40273 \u203c\n\nThe session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the session of the user. Other than manually cleaning the session database (for database\u00c2\u00a0session backend), or changing the secure_key and restarting the webserver, there were no mechanisms to force-logout the user (and all other users with that).With this fix implemented, when using the\u00c2\u00a0database\u00c2\u00a0session backend, the existing sessions of the user are invalidated when the password of the user is reset. When using the securecookie\u00c2\u00a0session backend, the sessions are NOT invalidated and still require changing the secure key and restarting the webserver (and logging out all other users), but the user resetting the password is informed about it with a flash message warning displayed in the UI. Documentation is also updated explaining this behaviour.Users of Apache Airflow are advised to upgrade to version 2.7.0 or newer to mitigate the risk associated with this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-23T20:12:49.000000Z"}, {"uuid": "7c5633bc-4ba0-403c-86ba-34dccd24b9ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40272", "type": "seen", "source": "https://t.me/cibsecurity/68759", "content": "\u203c CVE-2023-40272 \u203c\n\nApache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server.It is recommended to upgrade to a version that is not affected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T18:37:26.000000Z"}]}