An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections.
History

Thu, 26 Sep 2024 18:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2023-09-06T12:19:39.908Z

Updated: 2024-09-26T18:10:35.983Z

Reserved: 2023-06-21T14:06:35.892Z

Link: CVE-2023-36387

cve-icon Vulnrichment

Updated: 2024-08-02T16:45:56.364Z

cve-icon NVD

Status : Modified

Published: 2023-09-06T13:15:08.537

Modified: 2024-11-21T08:09:39.043

Link: CVE-2023-36387

cve-icon Redhat

No data.