CVE-2026-45192
Status: Received - Intake
Information Disclosure in Apache Airflow

Publication date: 2026-06-01

Last updated on: 2026-06-01

Assigner: Apache Software Foundation

Description
A bug in the GET `/api/v2/connections/{connection_id}` REST API endpoint in Apache Airflow allowed an authenticated UI/API user with Connection-read permission to retrieve secrets stored in a Connection's `extra` JSON blob under field names not present in the redaction allowlist (`DEFAULT_SENSITIVE_FIELDS`); for example, official Slack-provider credential field names were returned in plaintext. Affects deployments that store credentials in Connection `extra` blobs and grant Connection-read access to multiple users. Users are advised to upgrade to `apache-airflow` 3.2.2 or later. As a defense-in-depth mitigation, deployment operators can store sensitive credential values in a secret backend rather than inlining them into the Connection's `extra` field.
Meta Information
Published: 2026-06-01
Last Modified: 2026-06-01
Generated: 2026-06-01
AI Q&A: 2026-06-01
EPSS Evaluated: N/A
Affected Vendors & Products (2 associated CPEs)

Vendor   Product   Version / Range
apache   airflow   From 3.2.2 (inc)
apache   airflow   to 3.2.2 (exc)
CWE

CWE-200: The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the Apache Airflow REST API endpoint GET /api/v2/connections/{connection_id}. It allows an authenticated user with Connection-read permission to access secrets stored in a Connection's extra JSON blob that are not included in the redaction allowlist (DEFAULT_SENSITIVE_FIELDS). As a result, sensitive credential fields, such as those used by the Slack provider, could be returned in plaintext to users who should not have access to them.

The issue affects deployments that store credentials directly in the Connection extra blobs and grant Connection-read access to multiple users. The vulnerability was addressed by extending the allowlist of sensitive fields to be masked and recommending storing sensitive credentials in a secret-backend instead of inline in the extra field.


How can this vulnerability impact me?

This vulnerability can lead to unauthorized disclosure of sensitive credentials stored in Apache Airflow Connections. Users with Connection-read permission could retrieve secrets such as Slack webhook URLs, bearer tokens, database connection strings, and other sensitive keys in plaintext. This exposure could allow attackers or unauthorized users to misuse these credentials, potentially leading to unauthorized access to external services, data breaches, or further compromise of systems integrated with Airflow.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability involves an authenticated user with Connection-read permission accessing sensitive credential fields in the Connection's extra JSON blob that are not properly redacted.

Detection would involve monitoring API calls to the GET /api/v2/connections/{connection_id} endpoint for suspicious access patterns or unexpected retrieval of sensitive fields.

Since the vulnerability is the exposure of sensitive fields whose names are not in the redaction allowlist, you can audit logs or API responses for the presence of credential fields such as Slack webhook URLs, bearer tokens, database DSNs, auth headers, or service keys in plaintext rather than masked.

Specific commands are not provided in the available resources, but general approaches include:

  • Use network monitoring tools (e.g., tcpdump, Wireshark) to capture API traffic and inspect responses from the vulnerable endpoint.
  • Query Airflow logs for GET requests to /api/v2/connections and check if sensitive fields appear in the output.
  • Use curl or similar HTTP clients with authenticated credentials to manually test the endpoint and inspect returned JSON for sensitive fields.
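The audit step above can be scripted. The following is an added example, not code from Airflow or from this advisory: it reimplements the masking rule in a simplified form (a case-insensitive substring match of sensitive field names against each key of the `extra` blob, recursing into nested objects) and then checks a connection API response for credential-looking keys that came back unmasked. The baseline and extended field-name sets, the `build_response` helper, and the sample Slack connection are all constructed for this example; the real `DEFAULT_SENSITIVE_FIELDS` list and the masking implementation in Airflow may differ.

```python
import json

MASK = "***"

# Illustrative baseline of sensitive field names (an assumption for this example;
# Airflow's real DEFAULT_SENSITIVE_FIELDS may contain a different set).
DEFAULT_SENSITIVE_FIELDS = frozenset({
    "password", "passwd", "secret", "token", "api_key", "apikey",
    "private_key", "authorization", "access_token", "keyfile_dict",
})

# Extended set covering the kinds of fields the advisory says were missed
# (webhook URLs, bearer headers, DSNs). Also constructed for this example.
EXTENDED_SENSITIVE_FIELDS = DEFAULT_SENSITIVE_FIELDS | {
    "webhook", "bearer", "dsn", "auth_header", "client_secret", "signing",
}


def is_sensitive_name(name, sensitive_fields=DEFAULT_SENSITIVE_FIELDS):
    """Case-insensitive substring match of any sensitive word in the key name."""
    lowered = name.lower()
    return any(word in lowered for word in sensitive_fields)


def mask_extra(extra, sensitive_fields=DEFAULT_SENSITIVE_FIELDS):
    """Return a copy of the extra blob with sensitive values replaced by MASK."""
    if isinstance(extra, dict):
        return {
            key: MASK if is_sensitive_name(key, sensitive_fields)
            else mask_extra(value, sensitive_fields)
            for key, value in extra.items()
        }
    if isinstance(extra, list):
        return [mask_extra(item, sensitive_fields) for item in extra]
    return extra


def audit_connection_response(response_json, sensitive_fields=EXTENDED_SENSITIVE_FIELDS):
    """Return dotted paths of extra fields that look sensitive but were returned unmasked.

    Accepts the JSON body of a GET /api/v2/connections/{connection_id} response
    (as a string or an already-parsed dict); `extra` may itself be a JSON string.
    """
    conn = json.loads(response_json) if isinstance(response_json, str) else response_json
    extra = conn.get("extra") or {}
    if isinstance(extra, str):
        extra = json.loads(extra)
    findings = []

    def walk(node, path):
        if isinstance(node, dict):
            for key, value in node.items():
                child = f"{path}.{key}"
                if is_sensitive_name(key, sensitive_fields) and value != MASK:
                    findings.append(child)
                walk(value, child)
        elif isinstance(node, list):
            for index, value in enumerate(node):
                walk(value, f"{path}[{index}]")

    walk(extra, "extra")
    return findings


# Constructed sample: a Slack connection whose extra blob stores credentials inline.
SAMPLE_EXTRA = {
    "webhook_endpoint": "https://hooks.slack.com/services/EXAMPLE/PLACEHOLDER",
    "timeout": 30,
    "app_token": "xapp-placeholder-token",
    "database_dsn": "postgresql://svc:placeholder@db.internal/airflow",
    "auth": {"bearer_header": "Bearer placeholder"},
}


def build_response(sensitive_fields):
    """Simulate the API response body a server would return under a given allowlist."""
    body = {
        "connection_id": "slack_alerts",
        "conn_type": "slackwebhook",
        "host": "hooks.slack.com",
        "password": MASK,
        "extra": json.dumps(mask_extra(SAMPLE_EXTRA, sensitive_fields)),
    }
    return json.dumps(body)


def unpatched_response():
    return build_response(DEFAULT_SENSITIVE_FIELDS)


def patched_response():
    return build_response(EXTENDED_SENSITIVE_FIELDS)


if __name__ == "__main__":
    print("unmasked before fix:", audit_connection_response(unpatched_response()))
    print("unmasked after fix: ", audit_connection_response(patched_response()))
```

Run against a real response body saved from your own deployment, `audit_connection_response` lists the `extra` keys that still carry plaintext values; an empty list for every connection you store credentials in is the condition to aim for, whether reached by upgrading or by moving those values out of `extra` into a secret backend.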

What immediate steps should I take to mitigate this vulnerability?

The primary recommended mitigation is to upgrade Apache Airflow to version 3.2.2 or later, where the redaction allowlist has been extended to mask additional sensitive credential fields.

As a defense-in-depth measure, deployment operators should avoid storing sensitive credential values directly in the Connection's extra JSON field.

Instead, sensitive credentials should be stored in a secret-backend supported by Airflow, reducing the risk of exposure even if Connection-read permissions are granted.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability allows an authenticated user with Connection-read permission to retrieve sensitive credential information stored in the Connection's extra JSON blob that is not properly redacted. This exposure of secrets, such as Slack provider credentials, could lead to unauthorized access or data breaches.

Such unauthorized disclosure of sensitive credentials may impact compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and proper access controls to prevent data leaks.

Mitigations include upgrading to Apache Airflow 3.2.2 or later and storing sensitive credentials in a secret backend rather than in the Connection's extra field, which can help reduce the risk of non-compliance.

