Lucene search
Veracode Vulnerability DatabaseVERACODE:33242HistoryDec 10, 2021 - 10:47 a.m.
Authentication Bypass
2021-12-1010:47:35
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.002 Low
EPSS
Percentile
55.9%
flask_appbuilder is vulnerable to authentication bypass. The vulnerability exists login function of api.py because the login requests are not properly validated which allows a malicious attacker to send a crafted request and gain access to the API endpoints.
| CPE | Name | Operator | Version |
|---|---|---|---|
| flask-appbuilder | le | 1.13.1 | |
| flask-appbuilder | le | 2.3.4 | |
| flask-appbuilder | le | 3.3.3 | |
| flask-appbuilder | le | 1.13.1 | |
| flask-appbuilder | le | 2.3.4 | |
| flask-appbuilder | le | 3.3.3 |
Related
nvd
nvd
CVE-2021-41265
2021-12-09 17:15:07
cve
cve
CVE-2021-41265
2021-12-09 17:15:07
osv
osv
CVE-2021-41265
2021-12-09 17:15:07
PYSEC-2021-851
2021-12-09 17:15:00
Improper Authentication in Flask-AppBuilder
2021-12-09 19:09:07
cvelist
cvelist
CVE-2021-41265 Improper Authentication in Flask-AppBuilder
2021-12-09 16:40:11
debiancve
debiancve
CVE-2021-41265
2021-12-09 17:15:07
github
github
Improper Authentication in Flask-AppBuilder
2021-12-09 19:09:07
gitlab
gitlab
Improper Authentication
2021-12-09 00:00:00
prion
prion
Authentication flaw
2021-12-09 17:15:00