Rewterz Threat Advisory – CVE-2022-27479 – Apache Superset Vulnerability

Rewterz Threat Alert – APT Group Gamaredon – Active IOCs

April 13, 2022

Rewterz Threat Advisory – CVE-2022-0023 – Palo Alto Networks PAN-OS Vulnerability

April 14, 2022

Rewterz Threat Advisory – CVE-2022-27479 – Apache Superset Vulnerability

Severity

Medium

Analysis Summary

CVE-2022-27479

Apache Superset is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the chart data API, which could allow the attacker to view, add, modify or delete information in the back-end database.

Impact

Data Manipulation

Indicators Of Compromise

CVE

CVE-2022-27479

Affected Vendors

Apache

Affected Products

Apache Superset 1.4.1

Remediation

Refer to the vendor website for patches, upgrades, and workarounds here:

Apache Superset

Rewterz Threat Alert – APT Group Gamaredon – Active IOCs

Rewterz Threat Advisory – CVE-2022-0023 – Palo Alto Networks PAN-OS Vulnerability

Rewterz Threat Advisory – CVE-2022-27479 – Apache Superset Vulnerability

Severity

Analysis Summary

CVE-2022-27479

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan