Multiple vulnerabilities in Apache Superset



Published: 2024-02-28

Risk: Low

Patch available: Yes

Number of vulnerabilities: 5

CVE-ID: CVE-2024-26016, CVE-2024-24779, CVE-2024-24772, CVE-2024-24773, CVE-2024-27315

CWE-ID: CWE-284, CWE-211, CWE-264, CWE-388

Exploitation vector: Network

Public exploit: N/A

Vulnerable software: Apache Superset (Web applications / Other software)

Vendor: Apache Foundation

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Improper access control

EUVDB-ID: #VU86907

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26016

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote user can bypass implemented security restrictions and import an existing dashboard or chart.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Apache Superset: 3.0.0 - 3.1.0

External links

http://lists.apache.org/thread/76v1jjcylgk4p3m0258qr359ook3vl8s


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper access control

EUVDB-ID: #VU86906

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-24779

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions when creating a new dataset. A remote attacker can bypass implemented security restrictions and gain unauthorized access to the application.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Apache Superset: 3.0.0 - 3.1.0

External links

http://lists.apache.org/thread/xzhz1m5bb9zxhyqgoy4q2d689b3zp4pq


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information exposure through externally-generated error message

EUVDB-ID: #VU86905

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-24772

CWE-ID: CWE-211 - Externally-generated error message containing sensitive information

Exploit availability: No

Description

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application while handling error conditions in the chart data REST API. A remote user can obtain sensitive information about the system.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Apache Superset: 3.0.0 - 3.1.0

External links

http://lists.apache.org/thread/gfl3ckwy6y9tpz9jmpv62orh2q346sn5


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU86904

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-24773

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to insufficient validation of user-supplied input when handling nested SQL statements in SQLLab. A remote user can use a specially crafted SQL statement to bypass implemented authorization restrictions and gain access to sensitive information in the database.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Apache Superset: 3.0.0 - 3.1.0

External links

http://lists.apache.org/thread/h66fy6nj41cfx07zh7l552w6dmtjh501


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Error Handling

EUVDB-ID: #VU86903

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27315

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to improper error handling. A remote user with privileges to create Alerts in Alerts & Reports can generate a specially crafted SQL statement that triggers an error on the database and exposes sensitive information.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Apache Superset: 3.0.0 - 3.1.0

External links

http://lists.apache.org/thread/qcwbx7q2s3ynsd405895bx3wcwq32j7z


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
