This article describes a serious security lapse found by CloudSEK's SVigil: an Apache Superset dashboard operated by a vendor of a major financial institution was reachable from the internet without authentication, exposing sensitive financial data, including records covering more than USD 110 million in outstanding loans. Because the exposure was detected and reported before it was abused, the affected parties were able to take corrective action quickly and avoid a potentially multi-crore loss. Affected: financial institutions, vendor systems, data privacy, customer trust, regulatory compliance
Keypoints :
- Discovery of an unsecured Apache Superset dashboard belonging to a vendor for a major financial institution.
- The dashboard was reachable without any login, so anyone who found the host could browse the data it served.
- Data exposure included 2.6 million allocated accounts and USD 110 million in outstanding loans.
- Potential repercussions included reputational damage and regulatory penalties.
- SVigil’s monitoring identified the threat and helped secure sensitive data.
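The check a practitioner would want after a finding like this is twofold: confirm from the outside whether a Superset host answers REST listing requests without a session, and confirm from the inside whether the instance's configuration grants the anonymous "Public" role real permissions. The block below is an added example and is not code from CloudSEK, SVigil, or the Apache Superset project. It assumes Superset's standard REST paths under /api/v1/, the JSON listing shape {"count": N, "result": [...]}, and the configuration names PUBLIC_ROLE_LIKE, PUBLIC_ROLE_LIKE_GAMMA and AUTH_ROLE_PUBLIC; the sample responses and configs are constructed for the example, not captured from the incident.

```python
"""Added example, not code from CloudSEK, SVigil or Apache Superset.

1. classify_response(): turn one unauthenticated HTTP response from a Superset
   listing endpoint into "exposed", "protected" or "unknown".
2. probe(): request the listing endpoints with no cookie or token (network use
   is optional; the verdict logic runs offline).
3. audit_config(): flag the superset_config.py settings that most commonly give
   anonymous users dashboard access.

Assumptions (not from the article): Superset's /api/v1/ paths, the
{"count": N, "result": [...]} listing shape, and the setting names used below.
"""
import json
import urllib.error
import urllib.request

# Listing endpoints that a correctly configured instance must refuse without a session.
API_PATHS = ("/api/v1/dashboard/", "/api/v1/chart/", "/api/v1/database/")


def classify_response(status: int, body: bytes) -> str:
    """Classify one unauthenticated response from a Superset listing endpoint."""
    if status in (401, 403):
        return "protected"            # authentication is enforced
    if status in (301, 302, 303, 307, 308):
        return "protected"            # bounced to /login/ (probe() does not follow redirects)
    if status != 200:
        return "unknown"              # server error, rate limiting, or not Superset at all
    try:
        data = json.loads(body.decode("utf-8", errors="replace"))
    except ValueError:
        return "unknown"              # a 200 that is HTML, e.g. a login page
    if isinstance(data, dict) and isinstance(data.get("result"), list):
        return "exposed"              # anonymous caller received a real listing
    return "unknown"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Stop urllib from silently following a redirect to the login page."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None                   # makes the opener raise HTTPError with the 3xx code


def probe(base_url: str, timeout: float = 5.0) -> dict:
    """Request each listing endpoint with no credentials; return {path: verdict}."""
    opener = urllib.request.build_opener(_NoRedirect)
    verdicts = {}
    for path in API_PATHS:
        req = urllib.request.Request(base_url.rstrip("/") + path,
                                     headers={"Accept": "application/json"})
        try:
            with opener.open(req, timeout=timeout) as resp:
                verdicts[path] = classify_response(resp.status, resp.read())
        except urllib.error.HTTPError as err:       # 3xx/4xx/5xx arrive here
            verdicts[path] = classify_response(err.code, err.read())
        except (urllib.error.URLError, OSError):
            verdicts[path] = "unknown"
    return verdicts


def audit_config(cfg: dict) -> list:
    """Return human-readable findings for settings that open data to anonymous users."""
    findings = []
    like = cfg.get("PUBLIC_ROLE_LIKE")
    if like:
        findings.append(f"PUBLIC_ROLE_LIKE={like!r}: the anonymous Public role inherits every "
                        f"permission of {like!r}, so dashboards and charts are readable without login")
    if cfg.get("PUBLIC_ROLE_LIKE_GAMMA"):            # legacy flag with the same effect
        findings.append("PUBLIC_ROLE_LIKE_GAMMA=True: legacy form of the same exposure")
    public_role = cfg.get("AUTH_ROLE_PUBLIC", "Public")
    if public_role != "Public":
        findings.append(f"AUTH_ROLE_PUBLIC={public_role!r}: anonymous users are mapped to a "
                        f"privileged role instead of the empty Public role")
    return findings


# Constructed configs: the weak shape that exposes dashboards, and the corrected one.
WEAK_CONFIG = {"PUBLIC_ROLE_LIKE": "Gamma", "AUTH_ROLE_PUBLIC": "Public"}
HARDENED_CONFIG = {"PUBLIC_ROLE_LIKE": None, "AUTH_ROLE_PUBLIC": "Public"}

if __name__ == "__main__":
    import sys
    for finding in audit_config(WEAK_CONFIG):
        print("config:", finding)
    if len(sys.argv) > 1:                            # e.g. http://host:8088
        for path, verdict in probe(sys.argv[1]).items():
            print(f"{verdict:10s} {path}")
```

The probe sends only read requests to listing endpoints and deliberately does not follow redirects, since a 302 to /login/ is itself the evidence that authentication is enforced; run it only against hosts you are authorized to test. An "exposed" verdict on any path means the instance serves metadata to anonymous callers, which is exactly the condition that let this vendor's loan data be read without a login; the fix on the Superset side is to leave PUBLIC_ROLE_LIKE unset (and AUTH_ROLE_PUBLIC at its default) and to front the service with proper authentication rather than relying on the address being unknown.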
MITRE ATT&CK mapping :
- TA0001 – Initial Access (tactic, not a technique): the dashboard accepted requests with no login, so an attacker needed neither credentials nor an exploit to reach the data.
- T1071 – Application Layer Protocol: the data was retrievable over ordinary HTTP browser requests to the unsecured dashboard. Note that T1071 is catalogued under Command and Control, so this is a loose fit; the exposure is better described as a missing authentication control than as adversary tradecraft.
Indicators of Compromise :
- [URL] http://ip-address:port/superset/dashboard/ (placeholder pattern for an exposed Superset dashboard, not the actual address).
- [Domain] vendorfinancials.com (hypothetical placeholder for the vendor site, not a real indicator).