VYPR
Unrated severityNVD Advisory· Published Jul 21, 2023· Updated Aug 2, 2024

CVE-2023-38646

CVE-2023-38646

Description

Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Metabase/Metabase open sourcedescription
  • Range: <0.46.6.1

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.