Information Disclosure: Airflow Config Exposure

Identifier: airflow_config_exposure

Scanner(s) Support

GraphQL Scanner, REST Scanner, WebApp Scanner, ASM Scanner

Description

When Apache Airflow configuration files are accidentally left accessible, they can leak sensitive details like credentials and system settings, potentially allowing attackers to misconfigure or abuse the Airflow instance.

How we test: We scan for exposed Apache Airflow configuration pages and analyze responses to detect if sensitive configuration details, credentials, or system settings are accessible via web servers.
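
An added example, not the scanner's own detection logic: one way to analyze a response body for an exposed airflow.cfg, assuming the file is served as raw INI text. The function names, the two-section threshold and the sample bodies are assumptions made for this example.

```python
import configparser

# Section names and secret-bearing option names found in a stock airflow.cfg.
AIRFLOW_SECTIONS = {"core", "database", "webserver", "scheduler", "celery", "smtp"}
SENSITIVE_KEYS = {"sql_alchemy_conn", "fernet_key", "secret_key",
                  "broker_url", "result_backend", "smtp_password"}


def redact(value):
    """Keep only enough of a value to recognise it in a report."""
    return value[:4] + "***" if len(value) > 4 else "***"


def analyze_response(status, body):
    """Return {"exposed": bool, "findings": [(section, key, redacted_value)]}."""
    result = {"exposed": False, "findings": []}
    if status != 200:
        return result
    parser = configparser.RawConfigParser(strict=False)
    try:
        parser.read_string(body)
    except configparser.Error:
        return result  # HTML, JSON or other non-INI content
    # Require two Airflow sections so an unrelated INI file is not flagged.
    if len({s.lower() for s in parser.sections()} & AIRFLOW_SECTIONS) < 2:
        return result
    result["exposed"] = True
    for section in parser.sections():
        for key, value in parser.items(section):
            if key in SENSITIVE_KEYS and value.strip():
                result["findings"].append((section, key, redact(value.strip())))
    return result


# Constructed sample bodies (not taken from a real deployment).
SAMPLE_CFG = """\
[core]
dags_folder = /opt/airflow/dags
fernet_key = Zm9vYmFyYmF6cXV4ZXhhbXBsZWtleQ==
[database]
sql_alchemy_conn = postgresql://airflow:hunter2@db.example.internal/airflow
[webserver]
secret_key =
"""
SAMPLE_HTML = "<html><body><h1>404 Not Found</h1></body></html>"

if __name__ == "__main__":
    print(analyze_response(200, SAMPLE_CFG))
    print(analyze_response(200, SAMPLE_HTML))
```

Values are redacted before they are reported so the finding itself does not become a second copy of the leaked secret.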

Configuration

Example

Example configuration:

---
security_tests:
  airflow_config_exposure:
    skip: false

Reference

skip

Type: boolean

Skip the test if true.