Metabase
CVE-2022-24854
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Metabase is an open source business intelligence and analytics application. SQLite has an FDW-like feature called ATTACH DATABASE, which allows connecting multiple SQLite databases via the initial connection. If the attacker has SQL permissions to at least one SQLite database, then it can attach this database to a second database, and then it can query across all the tables. To be able to do that the attacker also needs to know the file path to the second database. Users are advised to upgrade as soon as possible. If you're unable to upgrade, you can modify your SQLIte connection strings to contain the url argument ?limit_attached=0, which will disallow making connections to other SQLite databases. Only users making use of SQLite are affected.
AnalysisAI
Metabase is an open source business intelligence and analytics application. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-610. Metabase is an open source business intelligence and analytics application. SQLite has an FDW-like feature called ATTACH DATABASE, which allows connecting multiple SQLite databases via the initial connection. If the attacker has SQL permissions to at least one SQLite database, then it can attach this database to a second database, and then it can query across all the tables. To be able to do that the attacker also needs to know the file path to the second database. Users are advised to upgrade as soon as possible. If you're unable to upgrade, you can modify your SQLIte connection strings to contain the url argument ?limit_attached=0, which will disallow making connections to other SQLite databases. Only users making use of SQLite are affected. Affected products include: Metabase.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary comman
Metabase is an open source data analytics platform. Rated high severity (CVSS 7.5), this vulnerability is remotely explo
The url parameter of the /api/geojson endpoint in Metabase versions <44.5 can be used to perform Server Side Request For
Remote code execution in Metabase (open-source business intelligence platform) versions 1.54.0 through the fixed release
Metabase is an open-source business intelligence and analytics platform. Rated critical severity (CVSS 9.8), this vulner
Metabase is an open source business analytics engine. Rated critical severity (CVSS 9.6), this vulnerability is remotely
Metabase is an open source business intelligence and analytics application. Rated medium severity (CVSS 5.3), this vulne
Remote code execution in Metabase's H2 database driver allows an authenticated user with native-query privileges to run
Metabase is data visualization software. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low
Metabase is data visualization software. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low
Metabase versions prior to 0.57.13 and 0.58.x through 0.58.6 allow authenticated users to extract sensitive data includi
Arbitrary file read in Metabase (versions from 1.57.0 up to the fixed releases) allows an attacker who already holds dat
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today