cnvd - cnvd-2023-72237

cnvd-2023-72237

Vulnerability from cnvd

Title: Apache Superset授权问题漏洞

Description:

Apache Superset是美国阿帕奇（Apache）基金会的一个数据可视化和数据探索平台。

Apache Superset 2.1.0版本及之前版本存在授权问题漏洞，该漏洞源于SQLLab中的授权检查不正确。攻击者可利用该漏洞查询他们无法正确访问超级集中的表。

Severity: 中

Patch Name: Apache Superset授权问题漏洞的补丁

Patch Description:

Apache Superset是美国阿帕奇（Apache）基金会的一个数据可视化和数据探索平台。

Apache Superset 2.1.0版本及之前版本存在授权问题漏洞，该漏洞源于SQLLab中的授权检查不正确。攻击者可利用该漏洞查询他们无法正确访问超级集中的表。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://lists.apache.org/thread/ococ6nlj80f0okkwfwpjczy3q84j3wkp

Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-32672

Impacted products

Name
Apache Superset <=2.1.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-32672",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-32672"
    }
  },
  "description": "Apache Superset\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u4e2a\u6570\u636e\u53ef\u89c6\u5316\u548c\u6570\u636e\u63a2\u7d22\u5e73\u53f0\u3002\n\nApache Superset 2.1.0\u7248\u672c\u53ca\u4e4b\u524d\u7248\u672c\u5b58\u5728\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eSQLLab\u4e2d\u7684\u6388\u6743\u68c0\u67e5\u4e0d\u6b63\u786e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u67e5\u8be2\u4ed6\u4eec\u65e0\u6cd5\u6b63\u786e\u8bbf\u95ee\u8d85\u7ea7\u96c6\u4e2d\u7684\u8868\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://lists.apache.org/thread/ococ6nlj80f0okkwfwpjczy3q84j3wkp",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2023-72237",
  "openTime": "2023-09-26",
  "patchDescription": "Apache Superset\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u4e2a\u6570\u636e\u53ef\u89c6\u5316\u548c\u6570\u636e\u63a2\u7d22\u5e73\u53f0\u3002\r\n\r\nApache Superset 2.1.0\u7248\u672c\u53ca\u4e4b\u524d\u7248\u672c\u5b58\u5728\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eSQLLab\u4e2d\u7684\u6388\u6743\u68c0\u67e5\u4e0d\u6b63\u786e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u67e5\u8be2\u4ed6\u4eec\u65e0\u6cd5\u6b63\u786e\u8bbf\u95ee\u8d85\u7ea7\u96c6\u4e2d\u7684\u8868\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Superset\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apache Superset \u003c=2.1.0"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2023-32672",
  "serverity": "\u4e2d",
  "submitTime": "2023-09-11",
  "title": "Apache Superset\u6388\u6743\u95ee\u9898\u6f0f\u6d1e"
}

CVE-2023-32672 (GCVE-0-2023-32672)

Vulnerability from cvelistv5

Published

2023-09-06 13:16

Modified

2024-09-26 15:52

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-863 - Incorrect Authorization

Summary

An Incorrect authorisation check in SQLLab in Apache Superset versions up to and including 2.1.0. This vulnerability allows an authenticated user to query tables that they do not have proper access to within Superset. The vulnerability can be exploited by leveraging a SQL parsing vulnerability.

References

▼	URL	Tags
	https://lists.apache.org/thread/ococ6nlj80f0okkwfwpjczy3q84j3wkp	vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Superset	Version: 0 ≤ 2.1.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:25:36.704Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/ococ6nlj80f0okkwfwpjczy3q84j3wkp"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32672",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-26T15:46:32.863305Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-26T15:52:02.025Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Superset",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Arnaud Pascal @ Vaadata"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An Incorrect authorisation check in SQLLab in Apache Superset versions up to and including 2.1.0. This vulnerability allows an authenticated user to query tables that they do not have proper access to within Superset. The vulnerability can be exploited by leveraging a SQL parsing vulnerability.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "An Incorrect authorisation check in SQLLab in Apache Superset versions up to and including 2.1.0. This vulnerability allows an authenticated user to query tables that they do not have proper access to within Superset. The vulnerability can be exploited by leveraging a SQL parsing vulnerability.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863 Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-06T13:16:02.396Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/ococ6nlj80f0okkwfwpjczy3q84j3wkp"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Superset: SQL parser edge case bypasses data access authorization",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2023-32672",
    "datePublished": "2023-09-06T13:16:02.396Z",
    "dateReserved": "2023-05-11T14:26:39.767Z",
    "dateUpdated": "2024-09-26T15:52:02.025Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted