all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Insecure configuration exposes Apache Superset servers to RCE attacks

Add to bookmarks
April 28, 2023, 1:20 a.m. | SC Staff

SC Magazine feed for Strategy www.scmagazine.com

Nearly 2,000 internet-exposed Apache Superset servers used by government entities, corporations, universities, and others are at risk of authentication bypass and remote code execution attacks due to the servers' use of the default Flask Secret Key for authentication session cookie signing, BleepingComputer reports.

apache apache superset attacks authentication authentication bypass bleepingcomputer bypass code code execution configuration cookie corporations default entities exposed flask government insecure internet key rce remote code remote code execution reports risk secret secret key servers session signing superset universities vulnerability management

Visit resource

More from www.scmagazine.com / SC Magazine feed for Strategy

Impact of organizational structure on ransomware outcomes: Where does your org fit in? 3 hours ago | www.scmagazine.com
challenges core security detection expertise +12
AI sparks increasing cyber concerns for execs amid growing adoption 8 hours ago | www.scmagazine.com
adoption ai-benefitsrisks aiml artificial +8
More details on rural water system breach sought by legislators 9 hours ago | www.scmagazine.com
alejandro mayorkas breach critical-infrastructure-security cyberattack +23
Phishing attack compromises LA County Health Services data 9 hours ago | www.scmagazine.com
attack bleepingcomputer compromised data +17
Android device hijacking facilitated by new Brokewell banking trojan 9 hours ago | www.scmagazine.com
android android device android devices attacks +14
Microsoft credentials targeted by phishing campaign using Autodesk Drive 9 hours ago | www.scmagazine.com
account accounts autodesk campaign +16
Five ways security leaders can demonstrate the business value of cybersecurity 11 hours ago | www.scmagazine.com
board board members business business value +11
Rubrik IPO signals potential cybersecurity-led tech market revival 1 day ago | www.scmagazine.com
cloud security cybersecurity data security experts +7
Navigating the cyber seas: Clarity, compliance, and unified endpoint management 1 day, 2 hours ago | www.scmagazine.com
can clarity compass compliance +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Consultant

@ Auckland Council | Central Auckland, NZ, 1010
View on infosec-jobs.com

Security Engineer, Threat Detection

@ Stripe | Remote, US
View on infosec-jobs.com

DevSecOps Engineer (Remote in Europe)

@ CloudTalk | Prague, Prague, Czechia - Remote
View on infosec-jobs.com

Security Architect

@ Valeo Foods | Dublin, Ireland
View on infosec-jobs.com

Security Specialist - IoT & OT

@ Wallbox | Barcelona, Catalonia, Spain
View on infosec-jobs.com
View more jobs