FKIE_CVE-2024-38363

Vulnerability from fkie_nvd - Published: 2024-07-09 15:15 - Updated: 2026-06-17 07:39
Severity
8.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
Airbyte is a data integration platform for ELT pipelines. Airbyte connection builder docker image is vulnerable to RCE via SSTI which allows an authenticated remote attacker to execute arbitrary code on the server as the web server user. The connection builder is used to create and test new connectors. Sensitive information, such as credentials, could be exposed if a user tested a new connector on a compromised instance. The connection builder does not have access to any data processes. This vulnerability is fixed in 0.62.2.
References
security-advisories@github.comhttps://github.com/airbytehq/airbyte/security/advisories/GHSA-4j3c-fgvx-xgqq
af854a3a-2127-422b-91ae-364da2661108https://github.com/airbytehq/airbyte/security/advisories/GHSA-4j3c-fgvx-xgqq
Impacted products
Vendor Product Version
To clipboard 

{
  "affected": [
    {
      "affectedData": [
        {
          "product": "airbyte",
          "vendor": "airbytehq",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.62.2"
            }
          ]
        }
      ],
      "source": "security-advisories@github.com"
    },
    {
      "affectedData": [
        {
          "cpes": [
            "cpe:2.3:a:airbyte:airbytehq:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unknown",
          "product": "airbytehq",
          "vendor": "airbyte",
          "versions": [
            {
              "lessThan": "0.62.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Airbyte is a data integration platform for ELT pipelines. Airbyte connection builder docker image is vulnerable to RCE via SSTI which allows an authenticated remote attacker to execute arbitrary code on the server as the web server user. The connection builder is used to create and test new connectors. Sensitive information, such as credentials, could be exposed if a user tested a new connector on a compromised instance. The connection builder does not have access to any data processes. This vulnerability is fixed in 0.62.2."
    },
    {
      "lang": "es",
      "value": "Airbyte es una plataforma de integraci\u00f3n de datos para tuber\u00edas ELT. La imagen acoplable del generador de conexiones Airbyte es vulnerable a RCE a trav\u00e9s de SSTI, lo que permite a un atacante remoto autenticado ejecutar c\u00f3digo arbitrario en el servidor como usuario del servidor web. El generador de conexiones se utiliza para crear y probar nuevos conectores. La informaci\u00f3n confidencial, como las credenciales, podr\u00eda quedar expuesta si un usuario probara un nuevo conector en una instancia comprometida. El creador de conexiones no tiene acceso a ning\u00fan proceso de datos. Esta vulnerabilidad se solucion\u00f3 en 0.62.2."
    }
  ],
  "id": "CVE-2024-38363",
  "lastModified": "2026-06-17T07:39:59.770",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 6.0,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2024-38363",
          "options": [
            {
              "exploitation": "none"
            },
            {
              "automatable": "no"
            },
            {
              "technicalImpact": "total"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2024-07-09T14:29:59.326680Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2024-07-09T15:15:11.043",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/airbytehq/airbyte/security/advisories/GHSA-4j3c-fgvx-xgqq"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/airbytehq/airbyte/security/advisories/GHSA-4j3c-fgvx-xgqq"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1336"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.