HTTP: Apache Superset Insecure Default Configuration Remote Code Execution

This signature detects attempts to exploit a known vulnerability in Apache Superset. A successful attack lets an attacker bypass authentication and access resources they are not authorized for.

Extended Description

Session validation attack in Apache Superset versions up to and including 2.0.1. Installations that have not changed the default SECRET_KEY as directed by the installation instructions allow an attacker to authenticate and access unauthorized resources. This does not affect Superset installations whose administrators have changed the default value of the SECRET_KEY config. All Superset installations should always set a unique, secure, random SECRET_KEY. The SECRET_KEY is used to sign all session cookies and to encrypt sensitive information stored in the database, so anyone who knows it can produce session cookies the server accepts. Add a strong SECRET_KEY to your `superset_config.py` file like: SECRET_KEY = Alternatively, you can set it with the `SUPERSET_SECRET_KEY` environment variable.
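The following Python script is an added example, not part of this signature page or of the Apache Superset project. It shows the weak setting beside the corrected one and audits the effective SECRET_KEY without executing the config file (it reads `superset_config.py` with `ast`, then falls back to `SUPERSET_SECRET_KEY`). The placeholder strings in `KNOWN_PLACEHOLDERS`, the thresholds, the helper names (`audit`, `check_secret_key`, `secret_key_from_config`, `generate_secret_key`) and the assumed precedence of config file over environment variable are all assumptions made for this example; confirm the real default and precedence against the installed Superset version.

```python
"""Audit a Superset SECRET_KEY for the weak-default condition described above.

Added example; not code from the signature page or the Superset project.
Assumptions (labelled): KNOWN_PLACEHOLDERS is illustrative, not a verified
list of Superset defaults, and the precedence below (superset_config.py
first, then SUPERSET_SECRET_KEY) must be confirmed for the installed version.
"""
import ast
import base64
import math
import secrets
from collections import Counter
from typing import Optional

# Assumed placeholder values to flag; not a verified list of Superset defaults.
KNOWN_PLACEHOLDERS = {
    "CHANGE_ME_TO_A_COMPLEX_RANDOM_SECRET",
    "changeme",
    "secret",
}
MIN_LENGTH = 32          # characters; 42 random bytes base64-encoded gives 56
MIN_ENTROPY_BITS = 3.0   # Shannon entropy per character; random base64 is ~5.3


def generate_secret_key(nbytes: int = 42) -> str:
    """Return a random key in the same form as `openssl rand -base64 42`."""
    return base64.b64encode(secrets.token_bytes(nbytes)).decode("ascii")


def shannon_entropy(value: str) -> float:
    """Estimate bits of entropy per character from the character distribution."""
    if not value:
        return 0.0
    counts = Counter(value)
    n = len(value)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def check_secret_key(value: Optional[str]) -> list:
    """Return a list of findings; an empty list means the key looks acceptable."""
    findings = []
    if not value:
        findings.append("SECRET_KEY is unset or empty")
        return findings
    if value in KNOWN_PLACEHOLDERS:
        findings.append("SECRET_KEY is a known placeholder value")
    if len(value) < MIN_LENGTH:
        findings.append(f"SECRET_KEY shorter than {MIN_LENGTH} characters")
    if shannon_entropy(value) < MIN_ENTROPY_BITS:
        findings.append("SECRET_KEY has low entropy (repeated or few distinct characters)")
    return findings


def secret_key_from_config(source: str) -> Optional[str]:
    """Extract a literal SECRET_KEY assignment from superset_config.py text.

    Uses ast rather than exec so an untrusted config file is never executed.
    Returns None when SECRET_KEY is absent or is not a plain string literal
    (e.g. SECRET_KEY = os.environ[...] cannot be audited statically).
    """
    tree = ast.parse(source)
    for node in ast.walk(tree):
        if isinstance(node, ast.Assign):
            for target in node.targets:
                if isinstance(target, ast.Name) and target.id == "SECRET_KEY":
                    if isinstance(node.value, ast.Constant) and isinstance(node.value.value, str):
                        return node.value.value
    return None


def audit(config_source: str, environ: dict) -> list:
    """Resolve the effective key (config file first, then SUPERSET_SECRET_KEY) and check it."""
    key = secret_key_from_config(config_source)
    if key is None:
        key = environ.get("SUPERSET_SECRET_KEY")
    return check_secret_key(key)


# Constructed sample configs: the weak setting beside the corrected one.
WEAK_CONFIG = 'SECRET_KEY = "CHANGE_ME_TO_A_COMPLEX_RANDOM_SECRET"\n'
STRONG_CONFIG = f'SECRET_KEY = "{generate_secret_key()}"\n'

if __name__ == "__main__":
    print("weak config:  ", audit(WEAK_CONFIG, {}))
    print("strong config:", audit(STRONG_CONFIG, {}))
    print("env only:     ", audit("ROW_LIMIT = 5000\n", {"SUPERSET_SECRET_KEY": generate_secret_key()}))
```

Run it against the real `superset_config.py` by reading the file into `audit()` together with `os.environ`; a non-empty result means the instance is in the condition this signature is meant to catch and the key should be replaced with the output of `generate_secret_key()` (or `openssl rand -base64 42`) before the service is restarted.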

Affected Products

Apache Superset

References

CVE: CVE-2023-27524

Short Name
HTTP:APACHE:SUPERSET-SCRTKEY-CE
Severity
Major
Recommended
True
Recommended Action
None
Category
HTTP
Keywords
Apache CVE-2023-27524 Code Configuration Default Execution Insecure Remote Superset
Release Date
05/02/2023
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3842
False Positive
Unknown
Vendors

Apache
