THREATOPS
THREAT OPSCVEs › CVE-2020-13927

CVE-2020-13927 — Apache Airflow's Experimental API Authentication Bypass

CISA KEVExploited: confirmedApache

The previous default setting for Airflow's Experimental API was to allow all API requests without authentication.

Vulnerability details