Lucene search
ApacheCVELIST:CVE-2021-44451HistoryFeb 01, 2022 - 1:16 p.m.
CVE-2021-44451 API sensitive information leak
2022-02-0113:16:32
CWE-522
apache
www.cve.org
4
cve-2021-44451
api
sensitive information
apache superset
database connections
password leak
authenticated users
upgrade
Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way. Users should upgrade to Apache Superset 1.4.0 or higher.
CNA Affected
[
{
"product": "Apache Superset",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.3.2",
"status": "affected",
"version": "Apache Superset",
"versionType": "custom"
}
]
}
]Related
nuclei
nuclei
Apache Superset <=1.3.2 - Default Login
2021-07-21 05:21:27
github
github
Insufficiently Protected Credentials in Apache Superset
2022-02-02 00:01:46
osv
osv
Insufficiently Protected Credentials in Apache Superset
2022-02-02 00:01:46
CVE-2021-44451
2022-02-01 14:15:09
PYSEC-2022-36
2022-02-01 14:15:00
nvd
nvd
CVE-2021-44451
2022-02-01 14:15:09
cve
cve
CVE-2021-44451
2022-02-01 14:15:09
cnvd
cnvd
Apache Superset Information Disclosure Vulnerability (CNVD-2022-14706)
2022-02-10 00:00:00
veracode
veracode
Information Disclosure
2022-02-03 06:51:04
prion
prion
Default credentials
2022-02-01 14:15:00