Vulnerability in Apache Software Foundation Airflow
CVE-2020-17526
Incorrect Session Validation in Apache Airflow Webserver versions prior to 1.10.14 with default config allows a malicious airflow user on site A where they log in normally, to access unauthorized Airflow Webserver on Site B through the ses…
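The description above says a session established on one Airflow webserver is accepted by another webserver that runs the default config. The mechanism is that a webserver's session cookie is a signed token keyed by its secret key (the full advisory on the oss-security list names the `[webserver] secret_key` option), so two deployments that never changed that key accept each other's cookies. The following is an added example, not code from Airflow or from this page: it models a signed session cookie with a stdlib HMAC, shows the cross-deployment acceptance, and gives the check a practitioner wants (is the configured secret still the shipped default?) beside the fix (a per-deployment random secret). The default-value string, the site names, and the class and function names are placeholders assumed for the example.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Stand-in for the default secret_key shipped in a sample webserver config.
# Assumed placeholder for this example; it is NOT Airflow's literal default value.
SHIPPED_DEFAULT_SECRET = "default_key"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_session_cookie(secret: str, session: dict) -> str:
    """Serialise `session` and sign it with HMAC-SHA256 under `secret`.

    Simplified model of a Flask-style signed session cookie: "payload.signature".
    Anyone holding `secret` can mint a cookie any deployment using the same
    secret will trust, which is exactly why a shared default key is dangerous.
    """
    payload = _b64(json.dumps(session, sort_keys=True).encode())
    sig = hmac.new(secret.encode(), payload.encode(), hashlib.sha256).digest()
    return f"{payload}.{_b64(sig)}"


def load_session_cookie(secret: str, cookie: str):
    """Return the session dict if the cookie's signature verifies under `secret`, else None."""
    try:
        payload, sig = cookie.rsplit(".", 1)
        expected = hmac.new(secret.encode(), payload.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(sig)):
            return None
        return json.loads(_unb64(payload))
    except ValueError:  # malformed base64 / JSON / missing separator
        return None


class Webserver:
    """One Airflow-like webserver deployment with its own secret key (hypothetical model)."""

    def __init__(self, name: str, secret_key: str = SHIPPED_DEFAULT_SECRET):
        self.name = name
        self.secret_key = secret_key

    def uses_default_secret(self) -> bool:
        # The configuration check: a deployment still on the shipped default is exposed.
        return hmac.compare_digest(self.secret_key, SHIPPED_DEFAULT_SECRET)

    def login(self, user: str) -> str:
        # A normal login on this site issues a cookie signed with this site's key.
        return mint_session_cookie(self.secret_key, {"user": user, "site": self.name})

    def authenticated_user(self, cookie: str):
        # The server only checks the signature; it has no notion of which site minted the cookie.
        session = load_session_cookie(self.secret_key, cookie)
        return session["user"] if session else None


def generate_secret_key() -> str:
    """The fix: a random per-deployment secret instead of the shipped default."""
    return secrets.token_hex(32)


def cross_site_cookie_accepted(site_a: Webserver, site_b: Webserver, user: str = "alice") -> bool:
    """True if a cookie from a normal login on site_a authenticates `user` on site_b."""
    return site_b.authenticated_user(site_a.login(user)) == user


if __name__ == "__main__":
    a, b = Webserver("site-a"), Webserver("site-b")          # both on the default config
    print("default secret in use:", a.uses_default_secret(), b.uses_default_secret())
    print("site-a cookie accepted on site-b:", cross_site_cookie_accepted(a, b))
    b_fixed = Webserver("site-b", generate_secret_key())     # site-b sets its own key
    print("accepted after site-b sets a unique key:", cross_site_cookie_accepted(a, b_fixed))
```

The `uses_default_secret` check is the operational takeaway: an auditor compares the configured value against the shipped default rather than trying to reuse a cookie against production. Note that the fixed deployment rejects the foreign cookie purely because the HMAC no longer verifies; nothing in the cookie payload (such as the `site` field) is consulted, which is why a unique key per deployment, not payload validation, is the remediation.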
EPSS: 0.915 (99.7th percentile)
Affected products
- Apache Software Foundation Airflow, versions prior to 1.10.14 (the range given in the description; the version field on this page is otherwise blank)
Public proof-of-concept exploits
References
- lists.apache.org/thread.html/rbeeb73a6c741f2f9200d83b9c2220610da314810c4e8c9cf8… (Apache mailing-list thread)
- [oss-security] 20201221 CVE-2020-17526: Apache Airflow Incorrect Session Validation in Airflow Webserver with default config (mailing list)
- [announce] 20210623 Success at Apache: Security in Practice (mailing list)
Frequently asked questions
- What is CVE-2020-17526?
- CVE-2020-17526 is an incorrect session validation vulnerability in the Apache Airflow webserver (Apache Software Foundation), affecting versions prior to 1.10.14 that run the default config. Published 2020-12-21.
- Is CVE-2020-17526 known to be exploited?
- 10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.