Security Advisory

CVE-2023-38646

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-21 00:00:00

Last updated 2024-08-02 17:46:56

Assigner mitre

State PUBLISHED

Description

Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the servers privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.

← Browse all CVEs View on cve.org ↗