Added |
CVSS V3.1 |
|
NIST AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
|
Added |
CVSS V2 |
|
NIST (AV:N/AC:M/Au:S/C:N/I:P/A:N)
|
Added |
CPE Configuration |
|
OR
*cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:* versions from (including) 0.40.0 up to (excluding) 0.40.8
*cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:* versions from (including) 0.41.0 up to (excluding) 0.41.7
*cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:* versions from (including) 0.42.0 up to (excluding) 0.42.4
*cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:* versions from (including) 1.40.0 up to (excluding) 1.40.8
*cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:* versions from (including) 1.41.0 up to (excluding) 1.41.7
*cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:* versions from (including) 1.42.0 up to (excluding) 1.42.4
|
Changed |
Reference Type |
https://github.com/metabase/metabase/releases/tag/v0.42.4 No Types Assigned
|
https://github.com/metabase/metabase/releases/tag/v0.42.4 Release Notes, Third Party Advisory
|
Changed |
Reference Type |
https://github.com/metabase/metabase/security/advisories/GHSA-wjw6-wm9w-7ggr No Types Assigned
|
https://github.com/metabase/metabase/security/advisories/GHSA-wjw6-wm9w-7ggr Release Notes, Third Party Advisory
|
Added |
CVSS V2 Metadata |
|
Victim must voluntarily interact with attack mechanism
|