Veracode Vulnerability Database: VERACODE:44474
History: Nov 29, 2023 - 10:12 a.m.

Denial Of Service (DoS)

2023-11-29 10:12:00
Veracode Vulnerability Database (sca.analysiscenter.veracode.com)
Tags: denial of service, apache_superset, vulnerability, rate limiting, api, dashboard, authenticated access, concurrent requests, software

CVSS3: 6.5
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score: 6.8
Confidence: High

EPSS: 0.001
Percentile: 26.9%

apache_superset is vulnerable to Denial Of Service (DoS). The vulnerability is caused by a lack of rate limiting in the API and dashboard functionalities. An attacker with authenticated access could exploit this vulnerability by initiating multiple concurrent requests for dashboard exports. This can potentially lead to Denial of Service.
