THREAT OPS › CVEs › CVE-2023-27524
CVE-2023-27524 — Apache Superset Insecure Default Initialization of Resource Vulnerability
Apache Superset contains an insecure default initialization of a resource vulnerability that allows an attacker to authenticate and access unauthorized resources on installations that have not altered the default configured SECRET_KEY according to installation instructions.
Vulnerability details
- Affected productsSuperset
- KEV remediation due2024-01-29