CVE-2023-50943
XCom Data Poisoning vulnerability in apache-airflow (PyPI)
What is CVE-2023-50943 About?
Apache Airflow versions before 2.8.1 are vulnerable to XCom data poisoning, allowing an attacker to bypass the `enable_xcom_pickling=False` setting. This can lead to the deserialization of poisoned XCom data, posing a risk of malicious code execution. Exploitation requires a DAG author to initiate the attack, making it a low-severity threat.
Affected Software
- apache-airflow: versions <2.8.1 (and pre-releases <2.8.1rc1)
Technical Details
The vulnerability in Apache Airflow versions before 2.8.1 bypasses the intended protection of the `enable_xcom_pickling=False` configuration. This setting is designed to prevent the deserialization of pickled XCom data and so to mitigate the risk of arbitrary code execution. However, a flaw allows a DAG author to introduce malicious data into XCom that, even with pickling disabled, can be deserialized in an unsafe manner. This 'poisoned' data can then trigger unintended behavior or, potentially, arbitrary code execution when a subsequent task deserializes it. The attack vector specifically targets the XCom storage and retrieval mechanism, where the integrity of the stored data and the safety of its deserialization are compromised despite the explicit configuration.
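Added here as an illustration, not code from Apache Airflow or from the advisory: the page states only that poisoned XCom data can get past the `enable_xcom_pickling=False` protection, not the internal code path, so this block shows the property that setting is supposed to guarantee (XCom bytes are accepted as JSON only and never handed to `pickle.loads`), a heuristic audit for stored XCom values that look like pickle streams, and a version check against the 2.8.1 / 2.8.1rc1 fix versions the page lists. The function names, the sample rows and the version-parsing rules are assumptions of this example.

```python
import json
import pickle
import re

# From the advisory: releases below 2.8.1, including pre-releases below
# 2.8.1rc1, are affected. Versions at or above 2.8.1rc1 carry the fix.
FIXED_VERSION = "2.8.1rc1"

# Assumed, deliberately narrow version grammar: X.Y.Z or X.Y.Zrc<N>.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:rc(\d+))?$")


def version_key(version: str) -> tuple:
    """Turn 'X.Y.Z' or 'X.Y.Zrc<N>' into a sortable tuple.

    A release candidate sorts before the final release with the same number,
    so 2.8.1rc1 < 2.8.1 (PEP 440 ordering for these simple cases). Anything
    else (dev or post releases) is rejected rather than guessed.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unsupported version string: {version!r}")
    major, minor, patch, rc = m.groups()
    is_final = 1 if rc is None else 0
    return (int(major), int(minor), int(patch), is_final, int(rc or 0))


def is_affected(installed_version: str) -> bool:
    """True when the installed apache-airflow predates the fix."""
    return version_key(installed_version) < version_key(FIXED_VERSION)


def looks_like_pickle(raw: bytes) -> bool:
    """Heuristic for a pickle stream: protocol 2+ pickles open with the PROTO
    opcode (0x80) followed by the protocol number. Protocol 0/1 pickles have
    no such header, so False is not proof that a value is safe."""
    return len(raw) >= 2 and raw[0] == 0x80 and 2 <= raw[1] <= pickle.HIGHEST_PROTOCOL


def deserialize_xcom_strict(raw):
    """Decode an XCom value as JSON only.

    This is the behaviour a deployment expects from enable_xcom_pickling=False:
    bytes that are not valid UTF-8 JSON are rejected outright instead of being
    passed to pickle.loads.
    """
    if raw is None:
        return None
    try:
        return json.loads(raw.decode("utf-8"))
    except (UnicodeDecodeError, json.JSONDecodeError) as exc:
        raise ValueError("XCom value is not JSON; refusing to deserialize") from exc


def audit_xcom_rows(rows):
    """Scan (dag_id, task_id, key, value_bytes) tuples, as an operator might
    export them from the xcom table, and report rows that carry a pickle
    header or fail strict JSON decoding."""
    findings = []
    for dag_id, task_id, key, value in rows:
        reason = None
        if looks_like_pickle(value):
            reason = "pickle header"
        else:
            try:
                deserialize_xcom_strict(value)
            except ValueError:
                reason = "not JSON"
        if reason:
            findings.append((dag_id, task_id, key, reason))
    return findings


if __name__ == "__main__":
    # Constructed sample rows; the pickled entry is produced locally from a
    # harmless list and is not taken from any real deployment.
    sample_rows = [
        ("etl", "extract", "row_count", b'{"rows": 42}'),
        ("etl", "transform", "return_value", pickle.dumps(["a", "b"])),
        ("etl", "load", "status", b"\xff\xfe not text"),
    ]
    print("2.8.0 affected:", is_affected("2.8.0"))
    for finding in audit_xcom_rows(sample_rows):
        print("suspicious XCom:", finding)
```

The audit is a triage aid, not a fix: the remediation the page gives is upgrading to 2.8.1 (or 2.8.1rc1), and any flagged rows are a reason to review which DAG author wrote them rather than a signal to deserialize them.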
What is the Impact of CVE-2023-50943?
Successful exploitation may allow attackers to poison XCom data, leading to unintended behavior, data corruption, or potentially remote code execution during subsequent XCom deserialization processes.
What is the Exploitability of CVE-2023-50943?
Exploitation complexity is moderate. It specifically requires the involvement of a DAG author: the attacker must hold legitimate DAG authoring capabilities within Airflow, meaning authentication to Airflow with sufficient privileges to create or modify DAGs. The attack is primarily executed remotely through the Airflow web interface or API by submitting a malicious DAG. The special condition is that the vulnerability bypasses a specific security control (`enable_xcom_pickling=False`), leaving the system exposed even when this mitigation is assumed to be active. The risk is considered low because a DAG author must be the one to exploit it, implying an insider threat or a previously compromised DAG author account. The likelihood increases if an attacker gains trusted DAG authoring privileges.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for CVE-2023-50943?
Available Upgrade Options
- apache-airflow <2.8.1rc1 → Upgrade to 2.8.1rc1
- apache-airflow <2.8.1 → Upgrade to 2.8.1
Additional Resources
- https://github.com/apache/airflow/pull/36255
- https://github.com/apache/airflow/commit/2c4c5bc604e9ab0cc1e98f7bee7d31d566579462
- https://github.com/pypa/advisory-database/tree/main/vulns/apache-airflow/PYSEC-2024-13.yaml
- https://osv.dev/vulnerability/PYSEC-2024-13
- http://www.openwall.com/lists/oss-security/2024/01/24/4
- https://github.com/apache/airflow
- https://lists.apache.org/thread/fx278v0twqzxkcts70tc04cp3f8p56pn
- https://nvd.nist.gov/vuln/detail/CVE-2023-50943
What are Similar Vulnerabilities to CVE-2023-50943?
Similar Vulnerabilities: CVE-2024-45784, CVE-2023-50783, CVE-2022-40127, CVE-2021-36224, CVE-2019-12760
