Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/13 8:31 p.m.8 views

CVE-2024-26016

A low privilege authenticated user could import an existing dashboard or chart that they do not have access to and then modify its metadata, thereby gaining ownership of the object. However, it's important to note that access to the analytical data of these charts and dashboards would still be...

5.4CVSS6.6AI score0.00866EPSS
Exploits0References1
NVD
NVD
added 2024/02/28 12:15 p.m.23 views

CVE-2024-26016

A low privilege authenticated user could import an existing dashboard or chart that they do not have access to and then modify its metadata, thereby gaining ownership of the object. However, it's important to note that access to the analytical data of these charts and dashboards would still be...

5.4CVSS4.6AI score0.00866EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/28 11:28 a.m.8 views

CVE-2024-26016 Apache Superset: Improper authorization validation on dashboards and charts import

A low privilege authenticated user could import an existing dashboard or chart that they do not have access to and then modify its metadata, thereby gaining ownership of the object. However, it's important to note that access to the analytical data of these charts and dashboards would still be...

4.3CVSS4.9AI score0.00866EPSS
Exploits0References2
CVE
CVE
added 2024/02/28 11:28 a.m.123 views

CVE-2024-26016

CVE-2024-26016 affects Apache Superset. A low-privilege authenticated user can import a dashboard or chart they shouldn’t access and modify its metadata, effectively gaining ownership of the object. The vulnerability hinges on improper authorization validation during the import process; access to...

5.4CVSS4.9AI score0.00866EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder