Lucene search
PRIOn knowledge basePRION:CVE-2021-41265HistoryDec 09, 2021 - 5:15 p.m.
Authentication flaw
2021-12-0917:15:00
PRIOn knowledge base
www.prio-n.com
7
Flask-AppBuilder is a development framework built on top of Flask. Verions prior to 3.3.4 contain an improper authentication vulnerability in the REST API. The issue allows for a malicious actor with a carefully crafted request to successfully authenticate and gain access to existing protected REST API endpoints. This only affects non database authentication types and new REST API endpoints. Users should upgrade to Flask-AppBuilder 3.3.4 to receive a patch.
| CPE | Name | Operator | Version |
|---|---|---|---|
| flask-appbuilder | lt | 3.3.4 |
Related
nvd
nvd
CVE-2021-41265
2021-12-09 17:15:07
cve
cve
CVE-2021-41265
2021-12-09 17:15:07
veracode
veracode
Authentication Bypass
2021-12-10 10:47:35
osv
osv
CVE-2021-41265
2021-12-09 17:15:07
PYSEC-2021-851
2021-12-09 17:15:00
Improper Authentication in Flask-AppBuilder
2021-12-09 19:09:07
cvelist
cvelist
CVE-2021-41265 Improper Authentication in Flask-AppBuilder
2021-12-09 16:40:11
debiancve
debiancve
CVE-2021-41265
2021-12-09 17:15:07
github
github
Improper Authentication in Flask-AppBuilder
2021-12-09 19:09:07
gitlab
gitlab
Improper Authentication
2021-12-09 00:00:00