Lucene search
K

4 matches found

cvelist
cvelist
added 2023/01/28 1:23 a.m.23 views

CVE-2023-23629 Metabase subject to Improper Privilege Management

Metabase is an open source data analytics platform. Affected versions are subject to Improper Privilege Management. As intended, recipients of dashboards subscriptions can view the data as seen by the creator of that subscription. This allows someone with greater access to data to create a...

6.3CVSS6.4AI score0.00378EPSS
Exploits0References1
osv
osv
added 2023/01/28 1:23 a.m.17 views

CVE-2023-23629 Metabase subject to Improper Privilege Management

Metabase is an open source data analytics platform. Affected versions are subject to Improper Privilege Management. As intended, recipients of dashboards subscriptions can view the data as seen by the creator of that subscription. This allows someone with greater access to data to create a...

6.3CVSS6.3AI score0.00378EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2023/01/28 1:23 a.m.7 views

CVE-2023-23629 Metabase subject to Improper Privilege Management

Metabase is an open source data analytics platform. Affected versions are subject to Improper Privilege Management. As intended, recipients of dashboards subscriptions can view the data as seen by the creator of that subscription. This allows someone with greater access to data to create a...

6.3CVSS6.4AI score0.00378EPSS
Exploits0References1
cve
cve
added 2023/01/28 1:23 a.m.80 views

CVE-2023-23629

Metabase (open-source analytics platform) is affected by CVE-2023-23629 due to Improper Privilege Management in dashboard subscriptions. The issue allows a user with higher data privileges to create a subscription and add recipients, who then receive data exposed according to the creator’s privil...

6.3CVSS6.2AI score0.00378EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder