Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-35936

If remote logging is not used, the worker (in the case of CeleryExecutor) or the scheduler (in the case of LocalExecutor) runs a Flask logging server and is listening on a specific port and also binds on 0.0.0.0 by default. This logging server had no authentication and allows reading log files of DAG jobs. This issue affects Apache Airflow < 2.1.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.3%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
Products affected by CVE-2021-35936
  • Apache » Airflow » Version: N/A
    cpe:2.3:a:apache:airflow:-
  • Apache » Airflow » Version: 0.1
    cpe:2.3:a:apache:airflow:0.1
  • Apache » Airflow » Version: 0.2
    cpe:2.3:a:apache:airflow:0.2
  • Apache » Airflow » Version: 0.2.1
    cpe:2.3:a:apache:airflow:0.2.1
  • Apache » Airflow » Version: 0.2.2
    cpe:2.3:a:apache:airflow:0.2.2
  • Apache » Airflow » Version: 0.2.3
    cpe:2.3:a:apache:airflow:0.2.3
  • Apache » Airflow » Version: 0.3
    cpe:2.3:a:apache:airflow:0.3
  • Apache » Airflow » Version: 0.3.1
    cpe:2.3:a:apache:airflow:0.3.1
  • Apache » Airflow » Version: 0.3.2
    cpe:2.3:a:apache:airflow:0.3.2
  • Apache » Airflow » Version: 0.4
    cpe:2.3:a:apache:airflow:0.4
  • Apache » Airflow » Version: 0.4.1
    cpe:2.3:a:apache:airflow:0.4.1
  • Apache » Airflow » Version: 0.4.2
    cpe:2.3:a:apache:airflow:0.4.2
  • Apache » Airflow » Version: 0.4.3
    cpe:2.3:a:apache:airflow:0.4.3
  • Apache » Airflow » Version: 0.4.5
    cpe:2.3:a:apache:airflow:0.4.5
  • Apache » Airflow » Version: 0.4.6
    cpe:2.3:a:apache:airflow:0.4.6
  • Apache » Airflow » Version: 0.5.0
    cpe:2.3:a:apache:airflow:0.5.0
  • Apache » Airflow » Version: 1.0.0
    cpe:2.3:a:apache:airflow:1.0.0
  • Apache » Airflow » Version: 1.0.1
    cpe:2.3:a:apache:airflow:1.0.1
  • Apache » Airflow » Version: 1.1.0
    cpe:2.3:a:apache:airflow:1.1.0
  • Apache » Airflow » Version: 1.1.1
    cpe:2.3:a:apache:airflow:1.1.1
  • Apache » Airflow » Version: 1.10.0
    cpe:2.3:a:apache:airflow:1.10.0
  • Apache » Airflow » Version: 1.10.1
    cpe:2.3:a:apache:airflow:1.10.1
  • Apache » Airflow » Version: 1.10.10
    cpe:2.3:a:apache:airflow:1.10.10
  • Apache » Airflow » Version: 1.10.11
    cpe:2.3:a:apache:airflow:1.10.11
  • Apache » Airflow » Version: 1.10.12
    cpe:2.3:a:apache:airflow:1.10.12
  • Apache » Airflow » Version: 1.10.13
    cpe:2.3:a:apache:airflow:1.10.13
  • Apache » Airflow » Version: 1.10.14
    cpe:2.3:a:apache:airflow:1.10.14
  • Apache » Airflow » Version: 1.10.15
    cpe:2.3:a:apache:airflow:1.10.15
  • Apache » Airflow » Version: 1.10.2
    cpe:2.3:a:apache:airflow:1.10.2
  • Apache » Airflow » Version: 1.10.5
    cpe:2.3:a:apache:airflow:1.10.5
  • Apache » Airflow » Version: 1.10.6
    cpe:2.3:a:apache:airflow:1.10.6
  • Apache » Airflow » Version: 1.10.7
    cpe:2.3:a:apache:airflow:1.10.7
  • Apache » Airflow » Version: 1.10.8
    cpe:2.3:a:apache:airflow:1.10.8
  • Apache » Airflow » Version: 1.10.9
    cpe:2.3:a:apache:airflow:1.10.9
  • Apache » Airflow » Version: 1.2.0
    cpe:2.3:a:apache:airflow:1.2.0
  • Apache » Airflow » Version: 1.3.0
    cpe:2.3:a:apache:airflow:1.3.0
  • Apache » Airflow » Version: 1.4.0
    cpe:2.3:a:apache:airflow:1.4.0
  • Apache » Airflow » Version: 1.4.1
    cpe:2.3:a:apache:airflow:1.4.1
  • Apache » Airflow » Version: 1.5.0
    cpe:2.3:a:apache:airflow:1.5.0
  • Apache » Airflow » Version: 1.5.1
    cpe:2.3:a:apache:airflow:1.5.1
  • Apache » Airflow » Version: 1.5.2
    cpe:2.3:a:apache:airflow:1.5.2
  • Apache » Airflow » Version: 1.6.0
    cpe:2.3:a:apache:airflow:1.6.0
  • Apache » Airflow » Version: 1.6.1
    cpe:2.3:a:apache:airflow:1.6.1
  • Apache » Airflow » Version: 1.6.2
    cpe:2.3:a:apache:airflow:1.6.2
  • Apache » Airflow » Version: 1.7.0
    cpe:2.3:a:apache:airflow:1.7.0
  • Apache » Airflow » Version: 1.7.1
    cpe:2.3:a:apache:airflow:1.7.1
  • Apache » Airflow » Version: 1.7.1.1
    cpe:2.3:a:apache:airflow:1.7.1.1
  • Apache » Airflow » Version: 1.7.1.2
    cpe:2.3:a:apache:airflow:1.7.1.2
  • Apache » Airflow » Version: 1.7.1.3
    cpe:2.3:a:apache:airflow:1.7.1.3
  • Apache » Airflow » Version: 1.8.0
    cpe:2.3:a:apache:airflow:1.8.0
  • Apache » Airflow » Version: 1.8.1
    cpe:2.3:a:apache:airflow:1.8.1
  • Apache » Airflow » Version: 1.8.2
    cpe:2.3:a:apache:airflow:1.8.2
  • Apache » Airflow » Version: 1.9.0
    cpe:2.3:a:apache:airflow:1.9.0
  • Apache » Airflow » Version: 2.0.0
    cpe:2.3:a:apache:airflow:2.0.0
  • Apache » Airflow » Version: 2.0.1
    cpe:2.3:a:apache:airflow:2.0.1
  • Apache » Airflow » Version: 2.0.2
    cpe:2.3:a:apache:airflow:2.0.2
  • Apache » Airflow » Version: 2.1.0
    cpe:2.3:a:apache:airflow:2.1.0
  • Apache » Airflow » Version: 2.1.1
    cpe:2.3:a:apache:airflow:2.1.1


Products
Pricing
Contact Us

Shodan ® - All rights reserved