Security researchers have uncovered misconfiguration in older versions of Apache Airflow that expose sensitive info across major companies across the media, finance, manufacturing, information technology, biotech, e-commerce, health, energy, cybersecurity and transportation industries.
Apache Airflow is an open-source workflow management platform that Airbnb Inc. first designed in 2014 to manage the company’s workflows. The service offers a plug and play platform for data engineers to visualize data pipeline dependencies, progress, logs, code, trigger tasks and success status.
The service has become popular, and therein lies the problem with the misconfiguration of older versions used by many companies. The misconfiguration can be found in Amazon Web Services Inc., Google Cloud Platform, Stripe Inc., PayPal Holdings Inc., Binance Ltd. and Slack Inc among others.
Exposing secrets such as user credentials can cause data leakage or allow attackers to spread further in a system. Customer data exposed as a result of a data leak can lead to a violation of data protection laws and the possibility of legal action.
Threat actors might be able to use these credentials to compromise entire app containers and/or run their own containers using a victim’s billing information.While user information wasn’t directly compromised through these leaks, they open the door to compromises of user data in massive quantities.