SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Apache Superset python pickle library remote code execution attempt
This event is generated when an authenticated user attempts to exploit a deserialization vulnerability in Apache Superset.
Attempted User Privilege Gain
Rule checks for attempts to exploit a deserialization vulnerability in Apache Superset.
Ease of Attack:
What To Look For
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information
CVE-2018-8021Versions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize data leading to possible remote code execution. Note Superset 0.23 was released prior to any Superset release under the Apache Software Foundation.
||Ease of Access||