Added |
CPE Configuration |
|
OR
*cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:* versions from (including) 0.40.0 up to (excluding) 0.40.8
*cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:* versions from (including) 0.41.0 up to (excluding) 0.41.7
*cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:* versions from (including) 0.42.0 up to (excluding) 0.42.4
*cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:* versions from (including) 1.40.0 up to (excluding) 1.40.8
*cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:* versions from (including) 1.41.0 up to (excluding) 1.41.7
*cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:* versions from (including) 1.42.0 up to (excluding) 1.42.4
|
Added |
CVSS V2 |
|
NIST (AV:N/AC:H/Au:N/C:P/I:N/A:N)
|
Added |
CVSS V2 Metadata |
|
Victim must voluntarily interact with attack mechanism
|
Added |
CVSS V3.1 |
|
NIST AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
|
Added |
CWE |
|
NIST CWE-200
|
Changed |
Reference Type |
https://github.com/metabase/metabase/security/advisories/GHSA-5cfq-582c-c38m No Types Assigned
|
https://github.com/metabase/metabase/security/advisories/GHSA-5cfq-582c-c38m Release Notes, Third Party Advisory
|
Changed |
Reference Type |
https://secure77.de/metabase-ntlm-relay-attack/ No Types Assigned
|
https://secure77.de/metabase-ntlm-relay-attack/ Exploit, Third Party Advisory
|
Changed |
Reference Type |
https://www.qomplx.com/qomplx-knowledge-ntlm-relay-attacks-explained/ No Types Assigned
|
https://www.qomplx.com/qomplx-knowledge-ntlm-relay-attacks-explained/ Third Party Advisory
|