CVE-2023-27524— Apache Superset: Session validation vulnerability when using provided default SECRET_KEY
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-27524
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Apache Superset: Session validation vulnerability when using provided default SECRET_KEY
Source: NVD (National Vulnerability Database)
Vulnerability Description
Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config. All superset installations should always set a unique secure random SECRET_KEY. Your SECRET_KEY is used to securely sign all session cookies and encrypting sensitive information on the database. Add a strong SECRET_KEY to your `superset_config.py` file like: SECRET_KEY = <YOUR_OWN_RANDOM_GENERATED_SECRET_KEY> Alternatively you can set it with `SUPERSET_SECRET_KEY` environment variable.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
不安全的默认资源初始化
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apache Superset 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apache Superset是美国阿帕奇(Apache)基金会的一个数据可视化和数据探索平台。 Apache Superset 2.0.1版本及之前版本存在安全漏洞。攻击者利用该漏洞验证和访问未经授权的资源。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Apache Software Foundation | Apache Superset | 0 ~ 2.0.1 | - |
II. Public POCs for CVE-2023-27524
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Basic PoC for CVE-2023-27524: Insecure Default Configuration in Apache Superset | https://github.com/horizon3ai/CVE-2023-27524 | POC Details |
| 2 | Apahce-Superset身份认证绕过漏洞(CVE-2023-27524)检测工具 | https://github.com/Okaytc/Superset_auth_bypass_check | POC Details |
| 3 | Apache Superset Auth Bypass Vulnerability CVE-2023-27524. | https://github.com/antx-code/CVE-2023-27524 | POC Details |
| 4 | A POC for the all new CVE-2023-27524 which allows for authentication bypass and gaining access to the admin dashboard. | https://github.com/MaanVader/CVE-2023-27524-POC | POC Details |
| 5 | Perform With Apache-SuperSet Leaked Token [CSRF] | https://github.com/ThatNotEasy/CVE-2023-27524 | POC Details |
| 6 | None | https://github.com/TardC/CVE-2023-27524 | POC Details |
| 7 | CVE-2023-27524 | https://github.com/necroteddy/CVE-2023-27524 | POC Details |
| 8 | None | https://github.com/jakabakos/CVE-2023-27524-Apache-Superset-Auth-Bypass-and-RCE | POC Details |
| 9 | Apache Superset 默认SECRET_KEY 漏洞(CVE-2023-27524) | https://github.com/CN016/Apache-Superset-SECRET_KEY-CVE-2023-27524- | POC Details |
| 10 | CVE-2023-27524 | https://github.com/NguyenCongHaiNam/Research-CVE-2023-27524 | POC Details |
| 11 | Tool for finding CVE-2023-27524 (Apache Superset - Authentication Bypass) | https://github.com/karthi-the-hacker/CVE-2023-27524 | POC Details |
| 12 | Tool for finding CVE-2023-27524 (Apache Superset - Authentication Bypass) | https://github.com/Cappricio-Securities/CVE-2023-27524 | POC Details |
| 13 | Apache Superset Auth Bypass Vulnerability CVE-2023-27524. | https://github.com/ZZ-SOCMAP/CVE-2023-27524 | POC Details |
| 14 | CVE-2023-27524 | https://github.com/h1n4mx0/Research-CVE-2023-27524 | POC Details |
| 15 | Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-27524.yaml | POC Details |
| 16 | None | https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Apache%20Superset%20%E7%A1%AC%E7%BC%96%E7%A0%81%20JWT%20%E5%AF%86%E9%92%A5%E5%AF%BC%E8%87%B4%E8%AE%A4%E8%AF%81%E7%BB%95%E8%BF%87%E6%BC%8F%E6%B4%9E%20CVE-2023-27524.md | POC Details |
| 17 | https://github.com/vulhub/vulhub/blob/master/superset/CVE-2023-27524/README.md | POC Details | |
| 18 | Apache Superset Auth Bypass (CVE-2023-27524) | https://github.com/tardc/CVE-2023-27524 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-27524
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same product: Apache Superset
- CVE-2026-23969
Apache Superset: Exposure of Sensitive Information via Incom - CVE-2026-23980
Apache Superset: Improper Neutralization of Special Elements - CVE-2026-23982
Apache Superset: Improper Authorization in Dataset Creation - CVE-2026-23983
Apache Superset: Sensitive Data Exposure via REST API (disab - CVE-2026-23984
Apache Superset: SQLLab Read-Only Bypass on PostgreSQL
Same vendor: Apache Software Foundation
- CVE-2026-39816
Apache NiFi: Missing Execute Code Required Permission on Tin - CVE-2026-25199
Apache CloudStack: Proxmox Extension Allows Unauthorized Cro - CVE-2026-25077
Apache CloudStack: Unauthenticated Command Injection in Dire - CVE-2025-69233
Apache CloudStack: Domain/account resources limits not honor - CVE-2025-66467
Apache CloudStack: MinIO policy remains intact on bucket del
Same weakness: CWE-1188
- CVE-2026-44109
OpenClaw < 2026.4.15 - Authentication Bypass in Feishu Webho - CVE-2026-43581
OpenClaw < 2026.4.10 - Chrome DevTools Protocol Exposure via - CVE-2026-41931
Vvveb < 1.0.8.2 Information Disclosure via Debug Exception H - CVE-2025-31974
HCL BigFix Service Management (SM) is susceptible to a Root - CVE-2026-39920
BridgeHead FileStore < 24A Apache Axis2 Default Credentials
V. Comments for CVE-2023-27524
No comments yet