Metabase
CVE-2021-41277
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionNVD
Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (admin->settings->maps->custom maps->add a map) support and potential local file inclusion (including environment variables). URLs were not validated prior to being loaded. This issue is fixed in a new maintenance release (0.40.5 and 1.40.5), and any subsequent release after that. If you’re unable to upgrade immediately, you can mitigate this by including rules in your reverse proxy or load balancer or WAF to provide a validation filter before the application.
AnalysisAI
Metabase is an open source data analytics platform. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Technical ContextAI
This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (admin->settings->maps->custom maps->add a map) support and potential local file inclusion (including environment variables). URLs were not validated prior to being loaded. This issue is fixed in a new maintenance release (0.40.5 and 1.40.5), and any subsequent release after that. If you’re unable to upgrade immediately, you can mitigate this by including rules in your reverse proxy or load balancer or WAF to provide a validation filter before the application. Affected products include: Metabase.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary comman
The url parameter of the /api/geojson endpoint in Metabase versions <44.5 can be used to perform Server Side Request For
Remote code execution in Metabase (open-source business intelligence platform) versions 1.54.0 through the fixed release
Metabase is an open-source business intelligence and analytics platform. Rated critical severity (CVSS 9.8), this vulner
Metabase is an open source business analytics engine. Rated critical severity (CVSS 9.6), this vulnerability is remotely
Metabase is an open source business intelligence and analytics application. Rated medium severity (CVSS 5.3), this vulne
Remote code execution in Metabase's H2 database driver allows an authenticated user with native-query privileges to run
Metabase is data visualization software. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low
Metabase is data visualization software. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low
Metabase is an open source business intelligence and analytics application. Rated high severity (CVSS 8.8), this vulnera
Metabase versions prior to 0.57.13 and 0.58.x through 0.58.6 allow authenticated users to extract sensitive data includi
Arbitrary file read in Metabase (versions from 1.57.0 up to the fixed releases) allows an attacker who already holds dat
Same weakness CWE-200 – Information Exposure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today