Hacking News AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijack

Hacking News AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijack - Printable Version

+- (https://hackmyride.com/forum)
+-- Forum: Automotive Hacking (https://hackmyride.com/forum/forumdisplay.php?fid=211)
+--- Forum: News (https://hackmyride.com/forum/forumdisplay.php?fid=278)
+---- Forum: The Hacker News (https://hackmyride.com/forum/forumdisplay.php?fid=279)
+---- Thread: Hacking News AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijack (/showthread.php?tid=14971)

AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijack - The Hacker News - 03-25-2024

AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijack

Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a malicious actor to hijack victims' sessions and achieve remote code execution on underlying instances.
The vulnerability, now addressed by AWS, has been codenamed FlowFixation by Tenable.

https://thehackernews.com/2024/03/aws-patches-critical-flowfixation-bug.html