Apache Airflow Servers Leak Thousands of Credentials

Apache Airflow is one of the most popular open-source workflow management platforms.

Researchers from Intezer have discovered while investigating a misconfiguration flaw in Apache Airflow a large number of exposed instances over the web.

These instances were leaking sensitive information from well-known tech companies.

Nicole Fishbein and Ryan Robinson are the researchers that disclosed details regarding how they identified the misconfiguration errors across Apache Airflow servers ran by major tech companies.

These specific misconfiguration flaws have resulted in sensitive data leakage that included thousands of credentials coming from popular platforms and services.

As reported by BleepingComputer, Slack, PayPal, and Amazon Web Services (AWS), among others, were just a few of the platforms affected by the Apache misconfiguration flaw.

Workflow management platforms are an indispensable tool for automating business and IT tasks. These platforms make it easier to create, schedule and monitor workflows. They are typically hosted on the cloud to provide increased accessibility and scalability. On the flip side, misconfigured instances that allow internet-wide access make these platforms ideal candidates for exploitation by attackers.

While researching a misconfiguration in the popular workflow platform, Apache Airflow, we discovered a number of unprotected instances. These unsecured instances expose sensitive information of companies across the media, finance, manufacturing, information technology

Read More: https://heimdalsecurity.com/blog/apache-airflow-servers-leak-thousands-of-credentials/