We found results for “”
CVE-2023-42505
Good to know:
Date: November 28, 2023
An authenticated user with read permissions on database connections metadata could potentially access sensitive information such as the connection's username. This issue affects Apache Superset before 3.0.0.
Language: Python
Severity Score
Severity Score
Weakness Type (CWE)
Information Leak / Disclosure
CWE-200Insufficient Information
NVD-CWE-noinfoTop Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | NONE |
Availability (A): | NONE |