Multiple vulnerabilities in Apache Superset
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2023-43701 CVE-2023-42501 CVE-2023-40610 |
| CWE-ID | CWE-79 CWE-264 CWE-285 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Apache Superset Web applications / Other software |
| Vendor | Apache Foundation |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Cross-site scripting
EUVDB-ID: #VU85976
Risk: Low
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-43701
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in REST API endpoint output. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
MitigationInstall updates from vendor's website.
Vulnerable software versionsApache Superset: 2.0.0 - 2.1.1
External linkshttp://lists.apache.org/thread/4dnr1knk50fw60jxkjgqj228f0xcc892
http://www.openwall.com/lists/oss-security/2023/11/27/4
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU85975
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42501
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to sensitive information.
The vulnerability exists due to unnecessary read permissions within the Gamma role. A remote user can read configured CSS templates and annotations.
MitigationInstall updates from vendor's website.
Vulnerable software versionsApache Superset: 2.0.0 - 2.1.1
External linkshttp://lists.apache.org/thread/vk1rmrh9kz0chjmc9tk7o3md6zpz4ygh
http://www.openwall.com/lists/oss-security/2023/11/27/3
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper Authorization
EUVDB-ID: #VU85974
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-40610
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges within the application.
The vulnerability exists due to missing authorization when handling CTE SQL statements. A remote user can tamper with authentication/authorization data.
MitigationInstall updates from vendor's website.
Vulnerable software versionsApache Superset: 2.0.0 - 2.1.1
External linkshttp://lists.apache.org/thread/jvgxpk4dbxyqtsgtl4pdgbd520rc0rot
http://www.openwall.com/lists/oss-security/2023/11/27/2
http://github.com/orangecertcc/security-research/security/advisories/GHSA-f678-j579-4xf5
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
