Apache Airflow default credentials
Description
Apache Airflow is an open-source workflow management platform for data engineering pipelines. This vulnerability indicates that the Apache Airflow instance is accessible using default administrative credentials that have not been changed from their factory settings.
Default credentials are publicly documented and widely known, making them a common target for attackers. Apache Airflow is designed to operate within trusted environments and should not be exposed to untrusted networks without proper authentication controls.
Remediation
Immediately change the default administrative credentials for Apache Airflow. Follow these steps to secure your installation:<br/><br/>1. Access the Airflow configuration and create a new administrative user with a strong, unique password<br/>2. Remove or disable all default user accounts (commonly 'admin', 'airflow', or 'user')<br/>3. Implement role-based access control (RBAC) to enforce the principle of least privilege<br/>4. Configure authentication through enterprise identity providers (LDAP, OAuth, or SAML) rather than relying on local accounts<br/>5. Restrict network access to the Airflow web interface using firewall rules or VPN requirements<br/>6. Enable audit logging to monitor authentication attempts and administrative actions<br/><br/>To create a new admin user via CLI:<br/><pre>airflow users create \ --username new_admin \ --firstname Admin \ --lastname User \ --role Admin \ --email admin@example.com \ --password secure_password</pre><br/>Consult the official Apache Airflow security documentation for additional hardening measures appropriate for your deployment environment.