Improper Default REST API Permission in Apache Superset 2.1.0 Allows Authenticated Gamma Users to Test Database Connections
CVE-2023-36387 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections.
Learn more about our Cis Benchmark Audit For Apache Http Server.