3 matches found
CVE-2021-41192
Redash is a package for data visualization and sharing. If an admin sets up Redash versions 10.0.0 and prior without explicitly specifying the REDASHCOOKIESECRET or REDASHSECRETKEY environment variables, a default value is used for both that is the same across all installations. In such cases, th...
CVE-2021-41192
Redash is a package for data visualization and sharing. If an admin sets up Redash versions 10.0.0 and prior without explicitly specifying the REDASHCOOKIESECRET or REDASHSECRETKEY environment variables, a default value is used for both that is the same across all installations. In such cases, th...
CVE-2021-41192
Redash CVE-2021-41192 affects Redash versions 10.0.0 and earlier when admins do not explicitly set REDASH_COOKIE_SECRET and REDASH_SECRET_KEY. A default secret is used that is the same across installations, enabling session forgery by attackers who know the default value (c292a0a3aa32397cdb050e23...