[German]Brief note for users who deploy Apache Superset in their environment. A problem in the default configuration allows the software to be attacked via a remote code execution vulnerability. This becomes a real problem if the server is reachable from the Internet.
Apache Superset is an open source tool for data visualization and exploration. More than 3000 instances are reachable from the Internet.
During an investigation, the horizon3.ai team found that a significant portion of these servers, at least 2000 (two-thirds of all servers), are running with a dangerous default configuration. As a result, any attacker can "log in" to these publicly accessible servers with administrative privileges. The attacker can then access and modify the data held by these servers, grab credentials and execute remote code.
The security researchers disclose the details of the misconfiguration (CVE-2023-27524) in this post. Thanks to the blog reader for pointing it out; the colleagues at Bleeping Computer had picked it up here yesterday.