AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijacking
AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijacking
22 March 2024
Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a malicious actor to hijack victims' sessions and achieve remote code execution on underlying instances.
The vulnerability, now addressed by AWS, has been codenamed FlowFixation by Tenable.