all InfoSec news
Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks
April 26, 2023, 9:29 a.m. | info@thehackernews.com (The Hacker News)
The Hacker News thehackernews.com
The vulnerability, tracked as CVE-2023-27524 (CVSS score: 8.9), impacts versions up to and including 2.0.1 and relates to the use of a default SECRET_KEY that could be abused by attackers to authenticate and access
access apache apache superset attackers attacks code code execution configuration cve cvss data data visualization default fixes insecure maintainers open source rce remote code remote code execution score servers software source data superset visualization vulnerability
More from thehackernews.com / The Hacker News
Jobs in InfoSec / Cybersecurity
Information Technology Specialist II: Network Architect
@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA
Cybersecurity Skills Challenge -- Sponsored by DoD
@ Correlation One | United States
Security Operations Center (SOC) Analyst
@ GK Cybersecurity Group | Remote
DevSecOps Engineer
@ SIXGEN | Remote
Senior DevSecOps Engineer
@ nou Systems, Inc. | Huntsville AL, Huntsville, AL, US
Security Engineer (f/m/d)
@ Enpal B.V. | Berlin, Germany