Primary

Context

Apache Superset Improper Authorization Vulnerability Allowing Resource Ownership Takeover

Vulnerability

A vulnerability allowing improper authorization has been identified in Apache Superset, affecting versions through 4.1.1. This vulnerability enables authenticated users with read permissions to take over ownership of dashboards, charts, or datasets.

Impact

Exploitation of this vulnerability allows for unauthorized ownership takeover of resources such as dashboards, charts, or datasets.

Remediation

Users are advised to upgrade to Apache Superset version 4.1.2 or above, which addresses this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apache Superset Improper Authorization Vulnerability Allowing Resource Ownership Takeover

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating