Improper Exception Handling in LDAP Auth Backend Disables Server Certificate Checking
CVE-2018-20245 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:N
The LDAP auth backend (airflow.contrib.auth.backends.ldap_auth) prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking.
Learn more about our Cis Benchmark Audit For Apache Http Server.