6.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-34693

GHSA ID

GHSA-hcr7-cqwc-q5gq

EPSS Score

0.71282%

CWE

CWE-20

Published

6/20/2024

Updated

2/11/2025

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-34693

CVE-2024-34693: Apache Superset server arbitrary file read

Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with local_infile enabled. If both the MariaDB server (off by default) and the local mysql client on the web server are set to allow for local infile, it's possible for the attacker to execute a specific MySQL/MariaDB SQL command that is able to read files from the server and insert their content on a MariaDB database table. This issue affects Apache Superset before version 3.1.3 and in version 4.0.0.

Users are recommended to upgrade to version 4.0.1 or 3.1.3, both of which fix the issue.

(GitHub Advisory)

6.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-34693

GHSA ID

GHSA-hcr7-cqwc-q5gq

EPSS Score

0.71282%

CWE

CWE-20

Published

6/20/2024

Updated

2/11/2025

KEV Status

Technology

Python

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
apache-superset	pip	< 3.1.3	3.1.3
apache-superset	pip	>= 4.0.0, < 4.0.1	4.0.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper input validation when configuring MariaDB connections. The MySQLEngineSpec class's parameter handling would be the logical place where 'local_infile' could be enabled through user-controlled input. The DatabaseView POST handler would be responsible for accepting these parameters. While exact code isn't available, these components align with the described attack vector (configuring dangerous DB parameters) and CWE-20 pattern. The high confidence for MySQLEngineSpec comes from its direct role in DB configuration, while the view handler gets medium confidence due to typical MVC patterns in web apps.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

Improp*r Input V*li**tion vuln*r**ility in *p**** Sup*rs*t, *llows *or *n *ut**nti**t** *tt**k*r to *r**t* * M*ri*** *onn**tion wit* lo**l_in*il* *n**l**. I* *ot* t** M*ri*** s*rv*r (o** *y ****ult) *n* t** lo**l mysql *li*nt on t** w** s*rv*r *r* s*

Reasoning

T** vuln*r**ility st*ms *rom improp*r input v*li**tion w**n *on*i*urin* M*ri*** *onn**tions. T** `MySQL*n*in*Sp**` *l*ss's p*r*m*t*r **n*lin* woul* ** t** lo*i**l pl*** w**r* 'lo**l_in*il*' *oul* ** *n**l** t*rou** us*r-*ontroll** input. T** `**t***s

6.8

Basic Information

Concerned about an active attack path?

CVE-2024-34693: Apache Superset server arbitrary file read

6.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI