Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:11 p.m.7 views

CVE-2022-39360

Metabase is data visualization software. Prior to versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9 single sign on SSO users were able to do password resets on Metabase, which could allow a user access without going through the SSO IdP. This issue is patched in versions...

6.5CVSS6.9AI score0.00478EPSS
Exploits0References1
NVD
NVD
added 2022/10/26 7:15 p.m.24 views

CVE-2022-39360

Metabase is data visualization software. Prior to versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9 single sign on SSO users were able to do password resets on Metabase, which could allow a user access without going through the SSO IdP. This issue is patched in versions...

6.5CVSS0.00478EPSS
Exploits0References2
CVE
CVE
added 2022/10/26 12:0 a.m.84 views

CVE-2022-39360

Metabase SSO password-reset flaw allows bypassing IdP for specific older releases. Affected versions include Metabase before 0.44.5/1.44.5, 0.43.7/1.43.7, 0.42.6/1.42.6, and 0.41.9/1.41.9. The root cause enables SSO users to reset passwords without going through the SSO IdP, potentially granting ...

6.5CVSS6.4AI score0.00478EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/26 12:0 a.m.5 views

CVE-2022-39360 Metabase SSO users able to circumvent IdP login by doing password reset

Metabase is data visualization software. Prior to versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9 single sign on SSO users were able to do password resets on Metabase, which could allow a user access without going through the SSO IdP. This issue is patched in versions...

6.5CVSS6.4AI score0.00478EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/10/26 12:0 a.m.27 views

CVE-2022-39360 Metabase SSO users able to circumvent IdP login by doing password reset

Metabase is data visualization software. Prior to versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9 single sign on SSO users were able to do password resets on Metabase, which could allow a user access without going through the SSO IdP. This issue is patched in versions...

6.5CVSS6.6AI score0.00478EPSS
Exploits0References2
Rows per page
Query Builder