Apache Airflow AWS Auth Manager SAML Authentication Bypass Vulnerability

Vulnerability

A vulnerability in the AWS Auth Manager of Apache Airflow Providers Amazon, affecting versions from 8.0.0 up to but not including 9.22.0, allows SAML authentication bypass. The issue arises because the origin of the SAML authentication is accepted as provided by the client, without verification against the actual instance URL. As a result, a SAML response issued for one instance can be reused to gain access to a different instance, which may have different access controls.
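The missing check described above, sketched as an added example (not the provider's code and not the actual fix): a SAML response is accepted only if its Destination and Recipient match an instance URL taken from server-side configuration. The function names, host names and callback path are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def _origin(url):
    """Reduce a URL to (scheme, host, port) so default ports compare equal."""
    p = urlsplit(url)
    port = p.port or {"https": 443, "http": 80}.get(p.scheme.lower())
    return (p.scheme.lower(), (p.hostname or "").lower(), port)

def response_bound_to_instance(response_xml, configured_base_url):
    """Return True only if the response was issued for this instance.

    configured_base_url must come from server-side configuration, never from
    the request (Host header, form field, RelayState). Signature validation
    is assumed to have been done already by the SAML library.
    """
    root = ET.fromstring(response_xml)
    recipients = [e.get("Recipient")
                  for e in root.iterfind(".//saml:SubjectConfirmationData", NS)]
    targets = [root.get("Destination")] + recipients
    if not recipients or not all(targets):
        return False  # a missing binding attribute fails closed
    try:
        expected = _origin(configured_base_url)
        return all(_origin(t) == expected for t in targets)
    except ValueError:  # malformed port in a URL
        return False

# Constructed sample: a response issued for hypothetical instance "airflow-a".
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
  Destination="https://airflow-a.example.com/login_callback">
  <saml:Assertion><saml:Subject><saml:SubjectConfirmation>
    <saml:SubjectConfirmationData
      Recipient="https://airflow-a.example.com/login_callback"/>
  </saml:SubjectConfirmation></saml:Subject></saml:Assertion>
</samlp:Response>"""

if __name__ == "__main__":
    for base in ("https://airflow-a.example.com", "https://airflow-b.example.com"):
        print(base, response_bound_to_instance(SAMPLE, base))
```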

Impact

Exploitation of this vulnerability could lead to unauthorized access to instances with different access controls, allowing users to bypass SAML authentication restrictions.

Remediation

Users are advised to upgrade to version 9.22.0 of the Apache Airflow Providers Amazon package.

Added: Mar 9, 2026, 11:18 AM
Updated: Mar 9, 2026, 11:18 AM

Vulnerability Rating

Custom Algorithm
spread: 4.5
impact: 5.0
exploitability: 6.6
remediation: 7.7
relevance: 3.7
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.