CVSS 3.1 Score 6.5 of 10 (medium)


Published Dec 21, 2023
Updated: Dec 28, 2023
CWE ID 284


CVE-2023-50783 is a vulnerability affecting Apache Airflow versions prior to 2.8.0, which allows an authenticated user without variable edit permission to update a variable. This vulnerability compromises the integrity of variable management, potentially leading to unauthorized data modification. To remediate this issue, users are advised to upgrade to version 2.8.0 of Apache Airflow, which includes a fix for this vulnerability. The potential danger posed to an organization includes the risk of unauthorized access and modification of sensitive data stored in variables within the affected versions of Apache Airflow.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-50783 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options