Lucene search
Veracode Vulnerability DatabaseVERACODE:48102HistoryJul 17, 2024 - 5:53 a.m.
SQL Injection
2024-07-1705:53:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
2
apache superset
sql injection
vulnerability
improper handling
bypass
sql authorization
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
7.3
Confidence
Low
Apache Superset is vulnerable to SQL Injection. The vulnerability is caused due to improper handling of special elements used in SQL commands, specifically certain engine-specific functions are not checked, allowing attackers to bypass SQL authorization.
Related
nvd
nvd
CVE-2024-39887
2024-07-16 10:15:03
cvelist
cvelist
osv
osv
Apache Superset vulnerable to improper SQL authorization
2024-07-16 12:30:37
vulnrichment
vulnrichment
cve
cve
CVE-2024-39887
2024-07-16 10:15:03
github
github
Apache Superset vulnerable to improper SQL authorization
2024-07-16 12:30:37
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
7.3
Confidence
Low
Related for VERACODE:48102