Miggo Logo
Miggo Vulnerability Database
CVE-2023-27523

CVE-2023-27523: Apache Superset vulnerable to improper data authorization

5

CVSS Score
3.1

Basic Information

CVE ID
CVE-2023-27523
GHSA ID
GHSA-v594-2c97-hx38
EPSS Score
0.25851%
CWE
CWE-863
Published
9/6/2023
Updated
11/6/2023
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
apache-supersetpip<= 2.1.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper authorization checks during Jinja template processing in SQL queries. Key functions involved in query execution and templating (SqlaTable.get_sqla_query and execute_sql) are likely vulnerable because they handle user-inputted templates without sufficient post-rendering validation. These functions would normally be responsible for applying dataset-level permissions, but the Jinja context may allow attackers to bypass checks by manipulating template variables that reference unauthorized tables.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

Improp*r **t* *ut*oriz*tion ****k on Jinj* t*mpl*t** qu*ri*s in *p**** Sup*rs*t up to *n* in*lu*in* *.*.* *llows *or *n *ut**nti**t** us*r to issu* qu*ri*s on **t***s* t**l*s t**y m*y not **v* ****ss to.

Reasoning

T** vuln*r**ility st*ms *rom improp*r *ut*oriz*tion ****ks *urin* Jinj* t*mpl*t* pro**ssin* in SQL qu*ri*s. K*y *un*tions involv** in qu*ry *x**ution *n* t*mpl*tin* (Sql*T**l*.**t_sql*_qu*ry *n* *x**ut*_sql) *r* lik*ly vuln*r**l* ****us* t**y **n*l*