Metabase 0.43.x < 0.43.7.1 / 0.44.x < 0.44.6.1 / 0.45.x < 0.45.2.1 / 1.43.x < 1.43.7.1 / 1.44.x < 1.44.6.1 / 1.45.x < 1.45.2.1

The version of Metabase installed on the remote host is affected by multiple vulnerabilities: - An information disclosure exposure of sensitive information to an Unauthorized Actor. Sandboxed users shouldn't be able to view data about other Metabase users anywhere in the Metabase application...

CVE-2023-23629

Metabase is an open source data analytics platform. Affected versions are subject to Improper Privilege Management. As intended, recipients of dashboards subscriptions can view the data as seen by the creator of that subscription. This allows someone with greater access to data to create a...

Design/Logic Flaw

Metabase is an open source data analytics platform. Affected versions are subject to Improper Privilege Management. As intended, recipients of dashboards subscriptions can view the data as seen by the creator of that subscription. This allows someone with greater access to data to create a...

CVE-2023-23629

Metabase (open-source analytics platform) is affected by CVE-2023-23629 due to Improper Privilege Management in dashboard subscriptions. The issue allows a user with higher data privileges to create a subscription and add recipients, who then receive data exposed according to the creator’s privil...

CVE-2023-23629 Metabase subject to Improper Privilege Management

Metabase is an open source data analytics platform. Affected versions are subject to Improper Privilege Management. As intended, recipients of dashboards subscriptions can view the data as seen by the creator of that subscription. This allows someone with greater access to data to create a...