Metabase remote code execution

Pubblicato il: 18 agosto 2023
sul canale di: The SecOps Group
727
16

Metabase is an open source data analytics platform. CVE-2023-38646 it allow unauthenticated attackers to execute arbitrary commands on the server, at the server's privilege level. This issue is caused by JDBC url attacks in the setup request.

Affected versions
Metabase open source before 0.46.6.1
17:34 10-08-2023and Metabase Enterprise before 1.46.6.1

Vulnmachines​​ - Place for Pentesters
Vulnmachines is online cyber security training platform with a massive number of labs, allowing individuals, students, cyber professionals, companies, universities and all kinds of organizations around the world to enhance their practical skills with Real-world enterprise scenarios.

Visit : https://www.vulnmachines.com​​​​​

The SecOps Group is a globally recognized IT security company having extensive and varied experience in providing cybersecurity consultancy and education services. At The SecOps Group, we believe that security is a continuous process, which has to progress with time and in accordance with the customer needs and constantly evolving threats. Our core business comprises of two units:

1. Consultancy:
Pentesting and Advisory
The SecOps Group are cybersecurity experts offering CREST-accredited security consultancy services.

2. Education:
Pentesting Exams
Through our exams, we provide an authentic and credible certification that is modern, relevant and represents real-life business risks.

For business: https://secops.group/

Follow us
Twitter:   / thesecopsgroup  
Instagram:   / thesecopsgroupuk  
LinkedIn:   / secops-groups  


In questa pagina del sito puoi guardare il video online Metabase remote code execution della durata di ore minuti seconda in buona qualità , che l'utente ha caricato The SecOps Group 18 agosto 2023, condividi il link con amici e conoscenti, su youtube questo video è già stato visto 727 volte e gli è piaciuto 16 spettatori. Buona visione!