CVE-2023-27524: Apache Superset Insecure Default Initialization of Resource
Apache Superset Insecure Default Initialization of Resource Vulnerability. Apache Superset contains an insecure default initialization of a resource vulnerability that allows an attacker to authenticate and access unauthorized resources on installations that have not altered the default configured SECRET_KEY according to installation instructions.
- CISA KEV-listed (remediation due 2024-01-29)
- EPSS 84.0% (99.3% percentile)