claytonvantol.us

SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2020-13927-apache-airflows-experimental-api.log

CVE-2020-13927 — Apache Airflow's Experimental API Authentication Bypass

2022-01-18 • CISA Known Exploited Vulnerability

[event] The previous default setting for Airflow's Experimental API was to allow all API requests without authentication.

> AFFECTED SOFTWARE

Field	Value
Vendor	Apache
Product	Airflow's Experimental API
CWE	CWE-1188, CWE-306
CVE ID	CVE-2020-13927
Date Added	2022-01-18
Due Date	2022-07-18
Ransomware Campaign	Unknown

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2022-07-18

> REFERENCES

[1] https://nvd.nist.gov/vuln/detail/CVE-2020-13927

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:14 UTC