SB2024013161 - Multiple vulnerabilities in Apache Superset
Published: January 31, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Cross-site scripting (CVE-ID: CVE-2023-43701)
The disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in REST API endpoint output. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-42501)
The vulnerability allows a remote user to gain access to sensitive information.
The vulnerability exists due to unnecessary read permissions within the Gamma role. A remote user can read configured CSS templates and annotations.
3) Improper Authorization (CVE-ID: CVE-2023-40610)
The vulnerability allows a remote user to escalate privileges within the application.
The vulnerability exists due to missing authorization when handling CTE SQL statements. A remote user can tamper with authentication/authorization data.
Remediation
Install update from vendor's website.
References
- https://lists.apache.org/thread/4dnr1knk50fw60jxkjgqj228f0xcc892
- https://www.openwall.com/lists/oss-security/2023/11/27/4
- https://lists.apache.org/thread/vk1rmrh9kz0chjmc9tk7o3md6zpz4ygh
- http://www.openwall.com/lists/oss-security/2023/11/27/3
- https://lists.apache.org/thread/jvgxpk4dbxyqtsgtl4pdgbd520rc0rot
- http://www.openwall.com/lists/oss-security/2023/11/27/2
- https://github.com/orangecertcc/security-research/security/advisories/GHSA-f678-j579-4xf5