CVE-2023-39265

EUVD-2023-2494

06.09.2023, 14:15

Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is using a SQLite database for its metadata (not advised for production use) it could result in more severe vulnerabilities related to confidentiality and integrity. This vulnerability exists in Apache Superset versions up to and including 2.1.0.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	3.8 LOW	NETWORK	LOW	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
apache	CNA	3.8 LOW	NETWORK	LOW	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 98%

Affected Products (NVD)

Vendor	Product	Version
apache	superset	𝑥 ≤ 2.1.0

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

http://packetstormsecurity.com/files/175094/Apache-Superset-2.0.0-Remote-Code-Execution.html

https://lists.apache.org/thread/pwdzsdmv4g5g1n2h9m7ortfnxmhr7nfy

http://packetstormsecurity.com/files/175094/Apache-Superset-2.0.0-Remote-Code-Execution.html

https://lists.apache.org/thread/pwdzsdmv4g5g1n2h9m7ortfnxmhr7nfy