CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39887 – Apache Superset: Improper SQL authorisation, parse not checking for specific engine functions
https://notcve.org/view.php?id=CVE-2024-39887
An SQL Injection vulnerability in Apache Superset exists due to improper neutralization of special elements used in SQL commands. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. To mitigate this, a new configuration key named DISALLOWED_SQL_FUNCTIONS has been introduced. This key disallows the use of the following PostgreSQL functions: version, query_to_xml, inet_server_addr, and inet_client_addr. Additional functions can be added to this list for increased protection. This issue affects Apache Superset: before 4.0.2. Users are recommended to upgrade to version 4.0.2, which fixes the issue. • https://lists.apache.org/thread/j55vm41jg3l0x6w49zrmvbf3k0ts5fqz http://www.openwall.com/lists/oss-security/2024/07/16/5 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 3CVE-2024-34693 – Apache Superset: Server arbitrary file read
https://notcve.org/view.php?id=CVE-2024-34693
Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with local_infile enabled. If both the MariaDB server (off by default) and the local mysql client on the web server are set to allow for local infile, it's possible for the attacker to execute a specific MySQL/MariaDB SQL command that is able to read files from the server and insert their content on a MariaDB database table.This issue affects Apache Superset: before 3.1.3 and version 4.0.0 Users are recommended to upgrade to version 4.0.1 or 3.1.3, which fixes the issue. Vulnerabilidad de validación de entrada incorrecta en Apache Superset, permite que un atacante autenticado cree una conexión MariaDB con local_infile habilitado. Si tanto el servidor MariaDB (desactivado de forma predeterminada) como el cliente MySQL local en el servidor web están configurados para permitir el archivo local, es posible que el atacante ejecute un comando SQL MySQL/MariaDB específico que pueda leer archivos del servidor e inserte su contenido en una tabla de base de datos MariaDB. Este problema afecta a Apache Superset: antes de 3.1.3 y versión 4.0.0. • https://github.com/mbadanoiu/CVE-2024-34693 https://github.com/labc-dev/CVE-2024-34693 https://github.com/Mr-r00t11/CVE-2024-34693 http://www.openwall.com/lists/oss-security/2024/06/20/1 https://lists.apache.org/thread/1803x1s34m7r71h1k0q1njol8k6fmyon • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28148 – Apache Superset: Incorrect datasource authorization on explore REST API
https://notcve.org/view.php?id=CVE-2024-28148
An authenticated user could potentially access metadata for a datasource they are not authorized to view by submitting a targeted REST API request.This issue affects Apache Superset: before 3.1.2. Users are recommended to upgrade to version 3.1.2 or above, which fixes the issue. Un usuario autenticado podría acceder a los metadatos de una fuente de datos para la que no está autorizado a ver enviando una solicitud de API REST específica. Este problema afecta a Apache Superset: anterior a 4.0.0. Se recomienda a los usuarios actualizar a la versión 4.0.0, que soluciona el problema. • https://lists.apache.org/thread/n27wlbd05oc6bgjh28d5pxzsrrph8dgo • CWE-863: Incorrect Authorization •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-26016 – Apache Superset: Improper authorization validation on dashboards and charts import
https://notcve.org/view.php?id=CVE-2024-26016
A low privilege authenticated user could import an existing dashboard or chart that they do not have access to and then modify its metadata, thereby gaining ownership of the object. However, it's important to note that access to the analytical data of these charts and dashboards would still be subject to validation based on data access privileges. This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1.Users are recommended to upgrade to version 3.1.1, which fixes the issue. • http://www.openwall.com/lists/oss-security/2024/02/28/7 https://lists.apache.org/thread/76v1jjcylgk4p3m0258qr359ook3vl8s • CWE-863: Incorrect Authorization •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-24779 – Apache Superset: Improper data authorization when creating a new dataset
https://notcve.org/view.php?id=CVE-2024-24779
Apache Superset with custom roles that include `can write on dataset` and without all data access permissions, allows for users to create virtual datasets to data they don't have access to. These users could then use those virtual datasets to get access to unauthorized data. This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1 or 3.0.4, which fixes the issue. • http://www.openwall.com/lists/oss-security/2024/02/28/6 https://lists.apache.org/thread/xzhz1m5bb9zxhyqgoy4q2d689b3zp4pq • CWE-863: Incorrect Authorization •