Lucene search
Veracode Vulnerability DatabaseVERACODE:38927HistoryJan 19, 2023 - 10:46 a.m.
Improper Access Control
2023-01-1910:46:35
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
apache_superset
vulnerability
improper access control
unauthenticated user
dashboard configuration metadata
rest api
EPSS
0.001
Percentile
49.3%
apache_superset is vulnerable to Improper Access Control. The vulnerability exists in api.py due to explicitly enabling the DASHBOARD_CACHE feature which allows an unauthenticated user to access dashboard configuration metadata using a rest api GET endpoint .
Related
github
github
Apache Superset has Improper Access Control
2023-01-16 12:30:17
osv
osv
CVE-2022-45438
2023-01-16 11:15:10
Apache Superset has Improper Access Control
2023-01-16 12:30:17
prion
prion
Default configuration
2023-01-16 11:15:00
cvelist
cvelist
CVE-2022-45438 Apache Superset: Dashboard metadata information leak
2023-01-16 10:12:02
cve
cve
CVE-2022-45438
2023-01-16 11:15:10
cnvd
cnvd
Apache Superset Access Control Error Vulnerability (CNVD-2023-05217)
2023-01-18 00:00:00
nvd
nvd
CVE-2022-45438
2023-01-16 11:15:10