CVE-2026-28563 Overview
CVE-2026-28563 is an authorization bypass vulnerability in Apache Airflow that affects versions 3.1.0 through 3.1.7. The /ui/dependencies endpoint returns the full DAG dependency graph without properly filtering by authorized DAG IDs. This allows an authenticated user with only DAG Dependencies permission to enumerate DAGs they are not authorized to view, potentially exposing sensitive workflow information and organizational data pipeline structures.
Critical Impact
Authenticated users can enumerate unauthorized DAGs through the dependency graph endpoint, potentially revealing sensitive workflow configurations, task names, and organizational data processing patterns.
Affected Products
- Apache Airflow versions 3.1.0 through 3.1.7
- Deployments utilizing DAG-level access controls with multiple user permission levels
- Organizations relying on Airflow's authorization model for data pipeline segregation
Discovery Timeline
- 2026-03-17 - CVE-2026-28563 published to NVD
- 2026-03-17 - Last updated in NVD database
Technical Details for CVE-2026-28563
Vulnerability Analysis
This vulnerability stems from improper access control (CWE-732: Incorrect Permission Assignment for Critical Resource) in Apache Airflow's web UI component. The /ui/dependencies endpoint is designed to display the dependency relationships between DAGs, providing a visual representation of workflow interdependencies. However, the implementation fails to enforce the established DAG-level authorization model.
In multi-tenant or role-restricted Airflow deployments, administrators typically configure fine-grained access controls to limit which DAGs specific users can view and manage. The vulnerable endpoint bypasses these controls by returning the complete dependency graph for all DAGs in the system, regardless of the requesting user's authorization scope. This effectively creates an information disclosure channel that undermines the entire DAG-level permission model.
The attack requires authentication, meaning anonymous users cannot exploit this vulnerability. However, any authenticated user with the DAG Dependencies permission—even minimal access—can leverage this flaw to discover the existence and structure of DAGs they should not be able to see.
Root Cause
The root cause is incorrect permission assignment for the dependencies endpoint resource. The /ui/dependencies endpoint fails to apply DAG-level authorization filters before returning the dependency graph data. While the Airflow permission model supports granular DAG access controls, this specific endpoint was implemented without integrating the necessary authorization checks to filter the response based on the authenticated user's permitted DAG list.
Attack Vector
The attack is network-based and can be executed remotely by any authenticated user. An attacker with minimal permissions (just DAG Dependencies access) can send requests to the /ui/dependencies endpoint to retrieve the full dependency graph. This enumeration can reveal:
- Names and identifiers of all DAGs in the system
- Dependency relationships between DAGs
- Organizational workflow structures and data pipeline architectures
- Potentially sensitive information embedded in DAG naming conventions
The vulnerability is exploited through standard HTTP GET requests to the vulnerable endpoint. Since the issue is an authorization bypass rather than an input validation flaw, there is no specific payload required—simply accessing the endpoint with valid authentication credentials is sufficient.
Detection Methods for CVE-2026-28563
Indicators of Compromise
- Unusual access patterns to the /ui/dependencies endpoint from users with limited DAG permissions
- Repeated requests to the dependencies endpoint by accounts that do not typically access this feature
- Access log entries showing the dependencies endpoint being called by users who only have restricted DAG access
- Correlation of dependencies endpoint access with subsequent unauthorized actions targeting specific DAGs
Detection Strategies
- Implement logging and monitoring for all requests to /ui/dependencies with user context
- Create alerts for users accessing the dependencies endpoint who have limited DAG permissions configured
- Perform periodic access reviews comparing DAG Dependencies permission grants against actual user role requirements
- Deploy web application firewall rules to monitor and rate-limit access to sensitive UI endpoints
Monitoring Recommendations
- Enable detailed access logging for Airflow web UI endpoints with user identity correlation
- Configure SIEM rules to detect enumeration patterns against the dependencies endpoint
- Monitor for reconnaissance activity that may precede targeted attacks on specific DAGs
- Establish baseline access patterns for the dependencies endpoint to identify anomalous behavior
How to Mitigate CVE-2026-28563
Immediate Actions Required
- Upgrade Apache Airflow to version 3.1.8 or later immediately
- Review access logs for the /ui/dependencies endpoint to identify potential exploitation
- Audit users with DAG Dependencies permission to ensure appropriate access levels
- Consider temporarily restricting access to the dependencies feature until patching is complete
Patch Information
Apache has addressed this vulnerability in Apache Airflow version 3.1.8. The fix implements proper DAG-level authorization filtering on the /ui/dependencies endpoint, ensuring users only see dependency information for DAGs they are authorized to access. The patch is available through the official Apache Airflow release channels. Technical details of the fix can be reviewed in the GitHub Pull Request #62046. Additional context is available on the Apache Mailing List Thread.
Workarounds
- Temporarily revoke DAG Dependencies permission from users who do not strictly require it
- Implement network-level access controls to restrict access to the Airflow web UI from untrusted networks
- Deploy a reverse proxy with custom rules to block or limit access to the /ui/dependencies endpoint
- Consider implementing additional authentication layers for sensitive Airflow endpoints until the patch can be applied
# Configuration example
# Review and restrict DAG Dependencies permission in Airflow RBAC
# List users with DAG Dependencies permission
airflow users list
# Audit permissions for specific users
airflow roles list
# Remove unnecessary DAG Dependencies permission from restricted users
# This should be done through Airflow's RBAC configuration or Admin UI
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
