Apache Airflow Ftp Provider
Monthly
Cleartext data-channel exposure in the Apache Airflow FTP provider (apache-airflow-providers-ftp before 3.15.1) lets a network attacker positioned on the data path read file contents and credentials moved over FTPS. The FTPSHook.get_conn() method established an ftplib.FTP_TLS control connection but never issued PROT P, so payloads transferred via FTPSHook or FTPSFileTransmitOperator traveled in plaintext despite the TLS-protected control channel. There is no public exploit identified at time of analysis, EPSS is very low (0.10%, 1st percentile), and it is not on CISA KEV.
Cleartext data-channel exposure in the Apache Airflow FTP provider (apache-airflow-providers-ftp before 3.15.1) lets a network attacker positioned on the data path read file contents and credentials moved over FTPS. The FTPSHook.get_conn() method established an ftplib.FTP_TLS control connection but never issued PROT P, so payloads transferred via FTPSHook or FTPSFileTransmitOperator traveled in plaintext despite the TLS-protected control channel. There is no public exploit identified at time of analysis, EPSS is very low (0.10%, 1st percentile), and it is not on CISA KEV.