21 lines
396 B
YAML
21 lines
396 B
YAML
id: CVE-2020-13927
|
|
|
|
info:
|
|
name: Unauthenticated Airflow Experimental REST API
|
|
author: pdteam
|
|
severity: critical
|
|
tags: cve,cve2020,apache,airflow,unauth
|
|
|
|
requests:
|
|
- method: GET
|
|
path:
|
|
- '{{BaseURL}}/api/experimental/latest_runs'
|
|
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- '"dag_run_url":'
|
|
- '"dag_id":'
|
|
- '"items":'
|
|
condition: and
|