apache-airflow is vulnerable to man-in-the-middle (MitM) attack. A misconfiguration and improper exceptions checking in the LDAP authentication backend airflow.contrib.auth.backends.ldap_auth
disabled server certificate checking, and allowed for man-in-the-middle attacks against clients connecting to the LDAP server.