Lucene search
+L

5 matches found

Nuclei
Nuclei
added 13 hours ago117 views

Apache Superset <=1.3.2 - Default Login

Apache Superset through 1.3.2 contains a default login vulnerability via registered database connections for authenticated users. An attacker can obtain access to user accounts and thereby obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2021-44451 info:...

6.5CVSS6.5AI score0.07863EPSS
Exploits0References5
NVD
NVD
added 2022/02/01 2:15 p.m.41 views

CVE-2021-44451

Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way. Users should upgrade to Apache Superset 1.4.0 or higher...

6.5CVSS0.07863EPSS
Exploits0References1
OSV
OSV
added 2022/02/01 2:15 p.m.19 views

CVE-2021-44451

Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way. Users should upgrade to Apache Superset 1.4.0 or higher...

6.5CVSS6.3AI score
Exploits0References1
Cvelist
Cvelist
added 2022/02/01 1:16 p.m.32 views

CVE-2021-44451 API sensitive information leak

Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way. Users should upgrade to Apache Superset 1.4.0 or higher...

6.5AI score0.07863EPSS
Exploits0References1
CVE
CVE
added 2022/02/01 1:16 p.m.112 views

CVE-2021-44451

CVE-2021-44451 affects Apache Superset up to 1.3.2. The vulnerability allows authenticated users to leak database connection passwords via registered database connections. Root cause: credentials can be exposed through the configuration/connection handling for database connections. Impact: confid...

6.5CVSS6.2AI score0.07863EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder