Security News > 2024 > March > AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijacking

AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijacking
2024-03-22 13:45

Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a malicious actor to hijack victims' sessions and achieve remote code execution on underlying instances. The vulnerability, now addressed by AWS, has been codenamed FlowFixation by Tenable.


News URL

https://thehackernews.com/2024/03/aws-patches-critical-flowfixation-bug.html