PT-2023-21192 · Apache · Apache Superset

Ntt Data

Publicado

2023-04-17

Atualizado

2025-02-05

CVE-2023-27525

CVSS v3.1

4.3

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Apache Superset versions up to and including 2.0.1

Description An authenticated user with Gamma role authorization could have access to metadata information using non-trivial methods.

Recommendations For Apache Superset versions up to and including 2.0.1, update to a version later than 2.0.1 to resolve the issue.

Correção

Incorrect Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

BIT-SUPERSET-2023-27525

CVE-2023-27525

GHSA-7JHG-8M74-6F6G

Apache Superset