THREATOPS
THREAT OPSCVEs › CVE-2023-27524

CVE-2023-27524 — Apache Superset Insecure Default Initialization of Resource Vulnerability

CISA KEVExploited: confirmedApache

Apache Superset contains an insecure default initialization of a resource vulnerability that allows an attacker to authenticate and access unauthorized resources on installations that have not altered the default configured SECRET_KEY according to installation instructions.

Vulnerability details