{"uuid": "5573e7eb-9d20-4468-9902-d731bde2f08c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "https://t.me/arpsyndicate/1910", "content": "#ExploitObserverAlert\n\nCVE-2023-27524\n\nDESCRIPTION: Exploit Observer has 40 entries related to CVE-2023-27524. Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config.\n\nFIRST-EPSS: 0.906990000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T04:23:04.000000Z"}