Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) carried a flaw that allowed threat actors to hijack users' sessions and remotely execute malicious code on the underlying instances, experts have warned.
Cybersecurity researchers at Tenable discovered the vulnerability and dubbed it FlowFixation, explaining that it stems from both session fixation on the AWS MWAA web management platform and a misconfiguration in the AWS domain. Together, these two issues open the door to a cross-site scripting (XSS) attack.
“Upon taking over the victim’s account, the attacker could have performed tasks such as reading connection strings, adding configurations and triggering directed acyclic graphs (DAGS),” Tenable’s senior security researcher, Liv Matan, explained. “Under certain…