by @jakaba
11 Sep 2023

CVE-2023-27524: Authentication Bypass in Apache Superset

CVEs

9.8 Critical Severity

Apps

Superset (Apache)
0.15.4.1.*
0.34.1.RC2
0.34.1.RC1
0.34.1.*
0.34.1.-
0.17.6.*
*.*
0.37.2.-
0.37.2.RC1
0.37.2.RC2

Summary

Apache Superset versions up to and including 2.0.1 are susceptible to a critical session validation vulnerability.

Description
