cvelistv5 - cve-2023-42502

cve-2023-42502

Vulnerability from cvelistv5

Published

2023-11-28 16:25

Modified

2024-08-02 19:23

Severity ?

4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Summary

An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0.

References

▼	URL	Tags
	security@apache.org	https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn	Mailing List, Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn	Mailing List, Third Party Advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Superset	Version: 0 ≤

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T19:23:39.566Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Apache Superset",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     lessThan: "3.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Amit Laish – GE Vernova",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the <span style=\"background-color: rgb(255, 255, 255);\">HTTP Host header</span>, users could be redirected to this site when clicking on that specific dataset. <span style=\"background-color: rgb(255, 255, 255);\">This issue affects Apache Superset versions before 3.0.0.</span><br>",
                  },
               ],
               value: "An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0.\n",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 4.8,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-601",
                     description: "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-11-30T08:14:26.949Z",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Apache Superset: Open Redirect Vulnerability",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2023-42502",
      datePublished: "2023-11-28T16:25:43.177Z",
      dateReserved: "2023-09-11T11:20:01.211Z",
      dateUpdated: "2024-08-02T19:23:39.566Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2023-42502\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2023-11-28T17:15:07.907\",\"lastModified\":\"2024-11-21T08:22:40.920\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0.\\n\"},{\"lang\":\"es\",\"value\":\"Un atacante autenticado con permiso para actualizar conjuntos de datos podría cambiar el enlace de un conjunto de datos a un sitio que no es de confianza falsificando el encabezado del host HTTP; los usuarios podrían ser redirigidos a este sitio al hacer clic en ese conjunto de datos específico. Este problema afecta a las versiones de Apache Superset anteriores a la 3.0.0.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.7,\"impactScore\":2.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-601\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0.0\",\"matchCriteriaId\":\"B7CD7B20-D07E-4327-AA44-37ABCBA3E656\"}]}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]}]}}",
   },
}

WID-SEC-W-2023-3023

Vulnerability from csaf_certbund

Published

2023-11-28 23:00

Modified

2023-11-28 23:00

Summary

Apache Superset: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Apache Superset ist eine Open-Source-Plattform zur Datenexploration und -visualisierung.

Angriff

Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen in Apache Superset ausnutzen, um Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen oder vertrauliche Informationen offenzulegen.

Betroffene Betriebssysteme

- Linux - MacOS X - Windows

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "mittel",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "Apache Superset ist eine Open-Source-Plattform zur Datenexploration und -visualisierung.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen in Apache Superset ausnutzen, um Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen oder vertrauliche Informationen offenzulegen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Linux\n- MacOS X\n- Windows",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2023-3023 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3023.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2023-3023 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3023",
         },
         {
            category: "external",
            summary: "Apache Mailing List vom 2023-11-28",
            url: "https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn",
         },
         {
            category: "external",
            summary: "Apache Mailing List vom 2023-11-28",
            url: "https://lists.apache.org/thread/bd0fhtfzrtgo1q8x35tpm8ms144d1t2y",
         },
         {
            category: "external",
            summary: "Apache Mailing List vom 2023-11-28",
            url: "https://lists.apache.org/thread/yzq5gk1y9lyw6nxwd3xdkxg1djqw1h6l",
         },
         {
            category: "external",
            summary: "GitHub Advisory Database vom 2023-11-28",
            url: "https://github.com/advisories/GHSA-hc74-9vjm-c9xv",
         },
         {
            category: "external",
            summary: "GitHub Advisory Database vom 2023-11-28",
            url: "https://github.com/advisories/GHSA-fgpw-4w69-j256",
         },
         {
            category: "external",
            summary: "GitHub Advisory Database vom 2023-11-28",
            url: "https://github.com/advisories/GHSA-3hp7-4qq4-v5c6",
         },
      ],
      source_lang: "en-US",
      title: "Apache Superset: Mehrere Schwachstellen",
      tracking: {
         current_release_date: "2023-11-28T23:00:00.000+00:00",
         generator: {
            date: "2024-08-15T18:02:09.570+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.5",
            },
         },
         id: "WID-SEC-W-2023-3023",
         initial_release_date: "2023-11-28T23:00:00.000+00:00",
         revision_history: [
            {
               date: "2023-11-28T23:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  category: "product_name",
                  name: "Apache Superset < 3.0.0",
                  product: {
                     name: "Apache Superset < 3.0.0",
                     product_id: "T031388",
                     product_identification_helper: {
                        cpe: "cpe:/a:apache:superset:3.0.0",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Apache",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-42505",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Apache Superset. Dieser Fehler besteht dadurch, dass Benutzer mit Leserechten für die Metadaten von Datenbankverbindungen in der Lage sind, auf vertrauliche Informationen wie den Benutzernamen der Verbindung zuzugreifen. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.",
            },
         ],
         release_date: "2023-11-28T23:00:00.000+00:00",
         title: "CVE-2023-42505",
      },
      {
         cve: "CVE-2023-42504",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Apache Superset. Dieser Fehler besteht aufgrund eines Problems der unbegrenzten Ressourcenzuweisung, das dazu führt, dass mehrere gleichzeitige Anfragen gestartet werden, die jeweils mehrere Dashboard-Exporte anfordern. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.",
            },
         ],
         release_date: "2023-11-28T23:00:00.000+00:00",
         title: "CVE-2023-42504",
      },
      {
         cve: "CVE-2023-42502",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Apache Superset. Dieser Fehler besteht aufgrund eines offenen Umleitungsproblems, das es ermöglicht, einen Datensatz-Link auf eine nicht vertrauenswürdige Site zu ändern. Durch das Fälschen des HTTP-Host-Headers können Benutzer zu einer bösartigen Seite umgeleitet werden, wenn sie auf diesen speziellen Datensatz klicken. Ein entfernter, authentifizierter Angreifer mit der Berechtigung zum Aktualisieren von Datensätzen kann diese Schwachstelle ausnutzen, um die Sicherheitsmaßnahmen zu umgehen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.",
            },
         ],
         release_date: "2023-11-28T23:00:00.000+00:00",
         title: "CVE-2023-42502",
      },
   ],
}

wid-sec-w-2023-3023

Vulnerability from csaf_certbund

Published

2023-11-28 23:00

Modified

2023-11-28 23:00

Summary

Apache Superset: Mehrere Schwachstellen

Notes

Produktbeschreibung

Apache Superset ist eine Open-Source-Plattform zur Datenexploration und -visualisierung.

Angriff

Betroffene Betriebssysteme

- Linux - MacOS X - Windows

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "mittel",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "Apache Superset ist eine Open-Source-Plattform zur Datenexploration und -visualisierung.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen in Apache Superset ausnutzen, um Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen oder vertrauliche Informationen offenzulegen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Linux\n- MacOS X\n- Windows",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2023-3023 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3023.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2023-3023 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3023",
         },
         {
            category: "external",
            summary: "Apache Mailing List vom 2023-11-28",
            url: "https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn",
         },
         {
            category: "external",
            summary: "Apache Mailing List vom 2023-11-28",
            url: "https://lists.apache.org/thread/bd0fhtfzrtgo1q8x35tpm8ms144d1t2y",
         },
         {
            category: "external",
            summary: "Apache Mailing List vom 2023-11-28",
            url: "https://lists.apache.org/thread/yzq5gk1y9lyw6nxwd3xdkxg1djqw1h6l",
         },
         {
            category: "external",
            summary: "GitHub Advisory Database vom 2023-11-28",
            url: "https://github.com/advisories/GHSA-hc74-9vjm-c9xv",
         },
         {
            category: "external",
            summary: "GitHub Advisory Database vom 2023-11-28",
            url: "https://github.com/advisories/GHSA-fgpw-4w69-j256",
         },
         {
            category: "external",
            summary: "GitHub Advisory Database vom 2023-11-28",
            url: "https://github.com/advisories/GHSA-3hp7-4qq4-v5c6",
         },
      ],
      source_lang: "en-US",
      title: "Apache Superset: Mehrere Schwachstellen",
      tracking: {
         current_release_date: "2023-11-28T23:00:00.000+00:00",
         generator: {
            date: "2024-08-15T18:02:09.570+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.5",
            },
         },
         id: "WID-SEC-W-2023-3023",
         initial_release_date: "2023-11-28T23:00:00.000+00:00",
         revision_history: [
            {
               date: "2023-11-28T23:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  category: "product_name",
                  name: "Apache Superset < 3.0.0",
                  product: {
                     name: "Apache Superset < 3.0.0",
                     product_id: "T031388",
                     product_identification_helper: {
                        cpe: "cpe:/a:apache:superset:3.0.0",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Apache",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-42505",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Apache Superset. Dieser Fehler besteht dadurch, dass Benutzer mit Leserechten für die Metadaten von Datenbankverbindungen in der Lage sind, auf vertrauliche Informationen wie den Benutzernamen der Verbindung zuzugreifen. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.",
            },
         ],
         release_date: "2023-11-28T23:00:00.000+00:00",
         title: "CVE-2023-42505",
      },
      {
         cve: "CVE-2023-42504",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Apache Superset. Dieser Fehler besteht aufgrund eines Problems der unbegrenzten Ressourcenzuweisung, das dazu führt, dass mehrere gleichzeitige Anfragen gestartet werden, die jeweils mehrere Dashboard-Exporte anfordern. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.",
            },
         ],
         release_date: "2023-11-28T23:00:00.000+00:00",
         title: "CVE-2023-42504",
      },
      {
         cve: "CVE-2023-42502",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Apache Superset. Dieser Fehler besteht aufgrund eines offenen Umleitungsproblems, das es ermöglicht, einen Datensatz-Link auf eine nicht vertrauenswürdige Site zu ändern. Durch das Fälschen des HTTP-Host-Headers können Benutzer zu einer bösartigen Seite umgeleitet werden, wenn sie auf diesen speziellen Datensatz klicken. Ein entfernter, authentifizierter Angreifer mit der Berechtigung zum Aktualisieren von Datensätzen kann diese Schwachstelle ausnutzen, um die Sicherheitsmaßnahmen zu umgehen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.",
            },
         ],
         release_date: "2023-11-28T23:00:00.000+00:00",
         title: "CVE-2023-42502",
      },
   ],
}

gsd-2023-42502

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2023-42502

Aliases

CVE-2023-42502

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2023-42502",
      id: "GSD-2023-42502",
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2023-42502",
         ],
         details: "An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0.\n",
         id: "GSD-2023-42502",
         modified: "2023-12-13T01:20:21.654422Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "security@apache.org",
            ID: "CVE-2023-42502",
            STATE: "PUBLIC",
         },
         affects: {
            vendor: {
               vendor_data: [
                  {
                     product: {
                        product_data: [
                           {
                              product_name: "Apache Superset",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "0",
                                       version_value: "3.0.0",
                                    },
                                 ],
                              },
                           },
                        ],
                     },
                     vendor_name: "Apache Software Foundation",
                  },
               ],
            },
         },
         credits: [
            {
               lang: "en",
               value: "Amit Laish – GE Vernova",
            },
         ],
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0.\n",
               },
            ],
         },
         generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
         impact: {
            cvss: [
               {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 4.8,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
            ],
         },
         problemtype: {
            problemtype_data: [
               {
                  description: [
                     {
                        cweId: "CWE-601",
                        lang: "eng",
                        value: "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')",
                     },
                  ],
               },
            ],
         },
         references: {
            reference_data: [
               {
                  name: "https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn",
                  refsource: "MISC",
                  url: "https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn",
               },
            ],
         },
         source: {
            discovery: "UNKNOWN",
         },
      },
      "nvd.nist.gov": {
         configurations: {
            CVE_data_version: "4.0",
            nodes: [
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndExcluding: "3.0.0",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
            ],
         },
         cve: {
            CVE_data_meta: {
               ASSIGNER: "security@apache.org",
               ID: "CVE-2023-42502",
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "en",
                     value: "An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0.\n",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "en",
                           value: "CWE-601",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn",
                     refsource: "",
                     tags: [
                        "Mailing List",
                        "Third Party Advisory",
                     ],
                     url: "https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn",
                  },
               ],
            },
         },
         impact: {
            baseMetricV3: {
               cvssV3: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
               exploitabilityScore: 2.3,
               impactScore: 2.7,
            },
         },
         lastModifiedDate: "2023-12-04T19:01Z",
         publishedDate: "2023-11-28T17:15Z",
      },
   },
}

ghsa-hc74-9vjm-c9xv

Vulnerability from github

Published

2023-11-28 18:30

Modified

2023-12-05 21:56

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Summary

Apache Superset Open Redirect vulnerability

Details

Show details on source website

JSON

To clipboard

{
   affected: [
      {
         package: {
            ecosystem: "PyPI",
            name: "apache-superset",
         },
         ranges: [
            {
               events: [
                  {
                     introduced: "0",
                  },
                  {
                     fixed: "3.0.0",
                  },
               ],
               type: "ECOSYSTEM",
            },
         ],
      },
   ],
   aliases: [
      "CVE-2023-42502",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-601",
      ],
      github_reviewed: true,
      github_reviewed_at: "2023-11-28T23:29:00Z",
      nvd_published_at: "2023-11-28T17:15:07Z",
      severity: "MODERATE",
   },
   details: "An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0.\n",
   id: "GHSA-hc74-9vjm-c9xv",
   modified: "2023-12-05T21:56:34Z",
   published: "2023-11-28T18:30:23Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2023-42502",
      },
      {
         type: "PACKAGE",
         url: "https://github.com/apache/superset",
      },
      {
         type: "WEB",
         url: "https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn",
      },
      {
         type: "WEB",
         url: "http://www.openwall.com/lists/oss-security/2023/11/28/3",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
         type: "CVSS_V3",
      },
   ],
   summary: "Apache Superset Open Redirect vulnerability",
}

fkie_cve-2023-42502

Vulnerability from fkie_nvd

Published

2023-11-28 17:15

Modified

2024-11-21 08:22

Severity ?

4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Summary

References

▼	URL	Tags
	security@apache.org	https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn	Mailing List, Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn	Mailing List, Third Party Advisory

Impacted products

	Vendor	Product	Version
	apache	superset	*

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7CD7B20-D07E-4327-AA44-37ABCBA3E656",
                     versionEndExcluding: "3.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0.\n",
      },
      {
         lang: "es",
         value: "Un atacante autenticado con permiso para actualizar conjuntos de datos podría cambiar el enlace de un conjunto de datos a un sitio que no es de confianza falsificando el encabezado del host HTTP; los usuarios podrían ser redirigidos a este sitio al hacer clic en ese conjunto de datos específico. Este problema afecta a las versiones de Apache Superset anteriores a la 3.0.0.",
      },
   ],
   id: "CVE-2023-42502",
   lastModified: "2024-11-21T08:22:40.920",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.7,
            impactScore: 2.7,
            source: "security@apache.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.3,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-11-28T17:15:07.907",
   references: [
      {
         source: "security@apache.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn",
      },
   ],
   sourceIdentifier: "security@apache.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-601",
            },
         ],
         source: "security@apache.org",
         type: "Primary",
      },
   ],
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2023-42502

Vulnerability from cvelistv5

WID-SEC-W-2023-3023

Vulnerability from csaf_certbund

wid-sec-w-2023-3023

Vulnerability from csaf_certbund

gsd-2023-42502

Vulnerability from gsd

ghsa-hc74-9vjm-c9xv

Vulnerability from github

fkie_cve-2023-42502

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature