Lucene search

K
githubexploit23639DFE-F55C-5E1D-A284-974B894AF9C2
HistoryApr 25, 2023 - 4:59 a.m.

Exploit for Insecure Default Initialization of Resource in Apache Superset

2023-04-2504:59:05
242
apache superset
cve-2023-27524
security exploit
session cookies
flask secret_key
remote code execution
api
user id
vulnerability
mitigations
horizon3.ai

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.972 High

EPSS

Percentile

99.8%

CVE-2023-27524: Apache Superset Auth Bypass

Script to check if…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.972 High

EPSS

Percentile

99.8%