Lucene search
GoogleOSV:CVE-2022-43719HistoryJan 16, 2023 - 11:15 a.m.
CVE-2022-43719
2023-01-1611:15:10
Google
osv.dev
6
apache superset
cross site request forgery
legacy rest api
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.7
Confidence
High
EPSS
0.005
Percentile
77.7%
Two legacy REST API endpoints for approval and request access are vulnerable to cross site request forgery. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.
Related
cnvd
cnvd
Apache Superset Cross-Site Request Forgery Vulnerability
2023-01-18 00:00:00
veracode
veracode
Cross-Site Request Forgery (CSRF)
2023-01-19 03:47:44
github
github
nvd
nvd
CVE-2022-43719
2023-01-16 11:15:10
prion
prion
Cross site request forgery (csrf)
2023-01-16 11:15:00
osv
osv
cvelist
cvelist
cve
cve
CVE-2022-43719
2023-01-16 11:15:10
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.7
Confidence
High
EPSS
0.005
Percentile
77.7%
Related for OSV:CVE-2022-43719