PT-2022-16927 · Metabase · Metabase
Secure77
·
Published
2022-04-14
·
Updated
2022-04-22
·
CVE-2022-24853
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Metabase versions prior to 0.40.8
Metabase versions prior to 0.41.7
Metabase versions prior to 0.42.4
Metabase versions prior to 1.40.8
Metabase versions prior to 1.41.7
Metabase versions prior to 1.42.4
Description
Metabase is an open source business intelligence and analytics application. As part of its GeoJSON support it includes a proxy that fetches map data from arbitrary URLs. Although the proxy validates the URL to prevent returning the contents of arbitrary locations, a specially crafted request could make a Metabase instance running on Windows access a file path instead of fetching an HTTP(S) resource, triggering an outbound authentication that enables an NTLM relay attack. This potentially allows an attacker to capture the NTLM credential material (password hash) of the account under which Metabase runs.
Recommendations
For Metabase versions prior to 0.40.8, upgrade to version 0.40.8 or greater.
For Metabase versions prior to 0.41.7, upgrade to version 0.41.7 or greater.
For Metabase versions prior to 0.42.4, upgrade to version 0.42.4 or greater.
For Metabase versions prior to 1.40.8, upgrade to version 1.40.8 or greater.
For Metabase versions prior to 1.41.7, upgrade to version 1.41.7 or greater.
For Metabase versions prior to 1.42.4, upgrade to version 1.42.4 or greater.
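The root cause described above is URL validation that does not account for inputs Windows will treat as file paths (UNC paths, drive letters, file: URLs) rather than as HTTP(S) URLs. The following is an added example, not Metabase's own code: a constructed naive check of the kind that is bypassed by such inputs, beside a stricter allow-list validator for a GeoJSON proxy. The function names, the sample URLs and the hypothetical `attacker.example` host are assumptions for illustration.

```python
import ipaddress
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}


def naive_check(url: str) -> bool:
    """Constructed example of an insufficient check: it only rejects
    explicit file: URLs, so UNC paths and drive letters slip through and
    a Windows host will happily open them as files (hypothetical, not the
    project's actual logic)."""
    return not url.lower().startswith("file:")


def validate_geojson_url(url: str) -> tuple[bool, str]:
    """Allow-list validation for a URL that will be fetched server-side.

    Returns (ok, reason). Anything that Windows could resolve as a local or
    network file path instead of an HTTP(S) fetch is rejected up front, and
    only public hosts are allowed so the proxy cannot be pointed at loopback
    or internal addresses.
    """
    if not isinstance(url, str) or not url.strip():
        return False, "empty URL"
    # Backslashes are never valid in an HTTP URL but start UNC paths
    # (\\server\share) and drive paths (C:\...) on Windows.
    if "\\" in url:
        return False, "backslash in URL (possible UNC or drive path)"
    # A leading // is a UNC path on Windows and a scheme-relative URL elsewhere;
    # neither is an acceptable proxy target.
    if url.startswith("//"):
        return False, "scheme-relative or UNC-style path"
    parsed = urlparse(url)
    # urlparse lowercases the scheme; a drive letter such as C:/map.json
    # parses as scheme "c" and is rejected here along with file:, ftp:, etc.
    if parsed.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {parsed.scheme!r} not allowed"
    host = parsed.hostname
    if not host:
        return False, "missing host"
    if host == "localhost" or host.endswith(".localhost"):
        return False, "loopback host name"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Not an IP literal; a DNS name is acceptable at this stage.
        return True, "ok"
    if not ip.is_global:
        return False, f"non-public address {host}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample inputs: one legitimate map URL and several inputs
    # that a Windows host would treat as file access.
    samples = [
        "https://maps.example.com/regions.geojson",
        "\\\\attacker.example\\share\\map.json",
        "//attacker.example/share/map.json",
        "file:///C:/Windows/win.ini",
        "C:/data/map.json",
        "http://127.0.0.1:3000/api/setup",
    ]
    for s in samples:
        print(f"{s!r:50} naive={naive_check(s)!s:5} strict={validate_geojson_url(s)}")
```

The strict validator is the shape a reviewer should expect after a fix of this kind: decide what is allowed (http/https to a public host) and reject everything else, rather than enumerating known-bad prefixes. Note that a DNS name passing this check still needs its resolved address re-checked at connection time to close the DNS-rebinding variant of the same problem.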
Exploit
Fix
Information Disclosure
Weakness Enumeration
Related Identifiers
Affected Products
Metabase