
Rewterz Threat Advisory – Multiple Apache OFBiz and Superset Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-27315 CVSS:4.3

Apache Superset could allow a remote authenticated attacker to obtain sensitive information, caused by the insertion of sensitive information into an error message by the Alerts & Reports feature. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

CVE-2024-25065 CVSS:7.5

Apache OFBiz could allow a remote attacker to bypass security restrictions, caused by a path traversal. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass access restrictions.

CVE-2024-26016 CVSS:6.5

Apache Superset could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation on dashboard and chart import. By sending a specially crafted request, an attacker could exploit this vulnerability to modify the metadata and gain ownership of the object.

CVE-2024-24779 CVSS:6.5

Apache Superset could allow a remote authenticated attacker to obtain sensitive information, caused by improper data authorization when creating a new dataset. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

CVE-2024-24772 CVSS:5.4

Apache Superset is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements to the chart data REST API, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2024-24773 CVSS:5.4

Apache Superset is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2024-27315 CVSS:3.8

Apache Superset is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements to the Alerts & Reports feature, which could allow the attacker to view, add, modify or delete information in the back-end database.

Impact

  • Security Bypass
  • Data Manipulation
  • Information Disclosure

Indicators Of Compromise

CVE

  • CVE-2024-27315
  • CVE-2024-25065
  • CVE-2024-26016
  • CVE-2024-24779
  • CVE-2024-24772
  • CVE-2024-24773

Affected Vendors

Apache

Affected Products

  • Apache Superset 3.0.3
  • Apache OFBiz 18.12.11
  • Apache Superset 3.1.0

Remediation

Refer to the Apache website for patch, upgrade or suggested workaround information.

Apache OFBiz

Apache Superset