AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijack
Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a malicious actor to hijack victims' sessions and achieve remote code execution on underlying instances.
The vulnerability, now addressed by AWS, has been codenamed FlowFixation by Tenable.
https://thehackernews.com/2024/03/aws-pa...n-bug.html