Privilege Context Switching Error

CVE-2023-25754

High

9.8/10

Summary

Privilege Context Switching Error vulnerability in Apache Software Foundation Apache Airflow. This issue affects apache-airflow versions prior to 2.6.0b1.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-270 - Privilege Context Switching Error

The software does not properly manage privileges while it is switching between different contexts that have different privileges or spheres of control.

References

Advisory
Release Note
Issue

Advisory Timeline

Published May 08, 2023

Privilege Context Switching Error

CVE-2023-25754

Summary

CWE-270 - Privilege Context Switching Error

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS