CVE-2023-36387
published 2023-09-06CVE-2023-36387: An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database…
medium5.4CVSS 3.1
AVNACLPRLUINSUCNILAL
An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | superset | <= 2.1.0 | — |
| apache_software_foundation | apache_superset | <= 2.1.0 | — |