A critical security oversight in widely used Apache Airflow instances has exposed credentials for platforms like AWS, Slack, PayPal, and other services, leaving organizations vulnerable to data breaches and supply chain attacks.
Researchers at Intezer discovered thousands of unprotected instances across industries, including finance, healthcare, e-commerce, and cybersecurity. These instances revealed systemic risks tied to outdated configurations and insecure coding practices.
Misconfigured Apache Airflow servers
Apache Airflow, an open-source workflow orchestration tool, uses Python-based Directed Acyclic Graphs (DAGs) to automate tasks. However, misconfigured instances, particularly those running versions prior to 2.0, expose credentials through multiple attack surfaces:
Hardcoded Secrets in DAG Scripts: The most prevalent issue involves plaintext passwords embedded directly in DAG code. For example, a PostgreSQL database credential was found exposed in a production environment:
Such practices bypass Airflow's Connections feature, which encrypts stored credentials with a Fernet key.
Unencrypted Variables and Connections
Airflow’s Variables feature, designed to store reusable parameters, often contained Slack tokens and API keys in plaintext:
Similarly, credentials stored in the Extra field of Connections, a field meant for metadata, were left unencrypted, exposing AWS keys like AKIAEXAMPLE12345.
Logging Vulnerabilities (CVE-2020-17511)
Versions prior to 1.10.13 logged credentials passed on the command line in plaintext. One compromised log entry revealed a SQL Lakehouse password:
This flaw allowed attackers to harvest credentials without direct database access.
Exposed Configuration Files
Instances with expose_config=True in airflow.cfg disclosed Fernet keys and database passwords:
Such flaws granted attackers full control over Airflow’s encryption mechanisms.
Malicious actors leveraging these exposures could hijack cloud resources, initiate lateral movement, or deploy ransomware. Intezer observed instances where airflow-code-editor plugins enabled unauthorized DAG modifications, risking malicious code execution.
The leaks also violate GDPR and other data protection laws, exposing organizations to fines and reputational damage. In one case, Docker image names for proprietary software were exposed, raising concerns about supply chain attacks.
Mitigations
Organizations are urged to:
- Upgrade to Airflow 2.0+, which enforces authentication, removes risky features like Ad Hoc Query, and encrypts variables by default.
- Adopt Secure Coding Practices: Replace hardcoded secrets with environment variables or encrypted connections.
- Audit Configuration Files: Ensure expose_config=False and rotate Fernet keys.
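To make the last two audit items concrete, here is an added example (not Intezer's tooling and not Airflow's own code) that scans DAG source for the plaintext credential patterns the article describes and checks airflow.cfg for an enabled expose_config; the regexes, sample DAG and sample config are constructed for illustration.

```python
import configparser
import re

# Heuristic patterns for the credential types reported above (constructed).
# Real AWS access key IDs are 20 characters; the loosened length also catches
# the truncated example value cited in the article.
SECRET_PATTERNS = {
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{12,16}\b"),
    "slack_token": re.compile(r"\bxox[abpr]-[0-9A-Za-z-]{10,}"),
    "postgres_uri": re.compile(r"postgres(?:ql)?://[^:\s/]+:[^@\s]+@"),
    "password_assignment": re.compile(r"(?i)(password|passwd|secret)\s*=\s*['\"][^'\"]{4,}['\"]"),
}


def find_hardcoded_secrets(dag_source: str) -> list:
    """Return (line_number, finding_kind) for each line of DAG code holding a plaintext secret."""
    findings = []
    for lineno, line in enumerate(dag_source.splitlines(), start=1):
        for kind, pattern in SECRET_PATTERNS.items():
            if pattern.search(line):
                findings.append((lineno, kind))
    return findings


def config_exposes_secrets(airflow_cfg: str) -> bool:
    """True when [webserver] expose_config is enabled, which publishes fernet_key and DB passwords."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(airflow_cfg)
    value = parser.get("webserver", "expose_config", fallback="False")
    return value.strip().lower() in ("true", "t", "1", "yes")


# Constructed sample DAG: three hardcoded secrets, then the safe pattern (a named Connection).
SAMPLE_DAG = """\
from airflow import DAG
from airflow.hooks.base import BaseHook
DB_URI = "postgresql://airflow:s3cr3tpass@db.internal:5432/warehouse"
SLACK_TOKEN = "xoxb-000000000000-000000000000-constructedexamplevalue"
AWS_KEY = "AKIAEXAMPLE12345"
conn = BaseHook.get_connection("warehouse_db")
"""

# Constructed airflow.cfg fragments: the weak setting beside the corrected one.
EXPOSED_CFG = "[core]\nfernet_key = CONSTRUCTED_FERNET_KEY_PLACEHOLDER\n[webserver]\nexpose_config = True\n"
HARDENED_CFG = "[core]\nfernet_key = CONSTRUCTED_FERNET_KEY_PLACEHOLDER\n[webserver]\nexpose_config = False\n"

if __name__ == "__main__":
    for lineno, kind in find_hardcoded_secrets(SAMPLE_DAG):
        print(f"line {lineno}: {kind}")
    print("exposed config:", config_exposes_secrets(EXPOSED_CFG), config_exposes_secrets(HARDENED_CFG))
```

Run it over a real dags/ folder and airflow.cfg by reading the files into the two functions; a finding on a line that uses BaseHook.get_connection or Variable.get is a false positive worth tightening the patterns for.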
Following responsible disclosure, Intezer notified affected entities, though many remain unpatched. As workflow automation becomes ubiquitous, securing tools like Airflow is no longer optional but a prerequisite for operational integrity.