{"api_version":"1","generated_at":"2026-05-06T03:45:35+00:00","cve":"CVE-2023-35797","urls":{"html":"https://cve.report/CVE-2023-35797","api":"https://cve.report/api/cve/CVE-2023-35797.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-35797","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-35797"},"summary":{"title":"CVE-2023-35797","description":"Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider.\nThis issue affects Apache Airflow Apache Hive Provider: before 6.1.1.\n\nBefore version 6.1.1 it was possible to bypass the security check to RCE via\nprincipal parameter. For this to be exploited it requires access to modifying the connection details.\n\nIt is recommended updating provider version to 6.1.1 in order to avoid this vulnerability.","state":"PUBLIC","assigner":"security@apache.org","published_at":"2023-07-03 10:15:00","updated_at":"2023-07-13 23:15:00"},"problem_types":["CWE-20"],"metrics":[],"references":[{"url":"https://lists.apache.org/thread/30y19ok07fw52x5hnkbhwqo3ho0wwc1y","name":"https://lists.apache.org/thread/30y19ok07fw52x5hnkbhwqo3ho0wwc1y","refsource":"MISC","tags":[],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2023/07/12/3","name":"http://www.openwall.com/lists/oss-security/2023/07/12/3","refsource":"MISC","tags":[],"title":"oss-security - CVE-2023-37415: Apache Airflow Apache Hive Provider: Improper\n Input Validation in Hive Provider with proxy_user","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/apache/airflow/pull/31983","name":"https://github.com/apache/airflow/pull/31983","refsource":"MISC","tags":[],"title":"Sanitize beeline principal parameter by potiuk · Pull Request #31983 · apache/airflow · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-35797","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-35797","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"35797","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"apache-airflow-providers-apache-hive","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-35797","ASSIGNER":"security@apache.org","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider.\nThis issue affects Apache Airflow Apache Hive Provider: before 6.1.1.\n\nBefore version 6.1.1 it was possible to bypass the security check to RCE via\nprincipal parameter. For this to be exploited it requires access to modifying the connection details.\n\nIt is recommended updating provider version to 6.1.1 in order to avoid this vulnerability.\n\n"}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Apache Software Foundation","product":{"product_data":[{"product_name":"Apache Airflow Apache Hive Provider","version":{"version_data":[{"version_affected":"<","version_name":"0","version_value":"6.1.1"}]}}]}}]}},"references":{"reference_data":[{"url":"https://github.com/apache/airflow/pull/31983","refsource":"MISC","name":"https://github.com/apache/airflow/pull/31983"},{"url":"https://lists.apache.org/thread/30y19ok07fw52x5hnkbhwqo3ho0wwc1y","refsource":"MISC","name":"https://lists.apache.org/thread/30y19ok07fw52x5hnkbhwqo3ho0wwc1y"},{"url":"http://www.openwall.com/lists/oss-security/2023/07/12/3","refsource":"MISC","name":"http://www.openwall.com/lists/oss-security/2023/07/12/3"}]},"generator":{"engine":"Vulnogram 0.1.0-dev"},"source":{"discovery":"UNKNOWN"},"credits":[{"lang":"en","value":"id_No2015429 of 3H Secruity Team"}]},"nvd":{"publishedDate":"2023-07-03 10:15:00","lastModifiedDate":"2023-07-13 23:15:00","problem_types":["CWE-20"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:apache-airflow-providers-apache-hive:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1.1","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}