Uncontrolled Resource Consumption via Malicious ZIP Upload in Apache Superset
CVE-2023-46104 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Uncontrolled resource consumption can be triggered by authenticated attacker that uploads a malicious ZIP to import database, dashboards or datasets. This vulnerability exists in Apache Superset versions up to and including 2.1.2 and versions 3.0.0, 3.0.1.
Learn more about our Cis Benchmark Audit For Apache Http Server.