Description

Acunetix determined that the Metabase is vulnerable to remote code execution.

Remediation

Upgrade to the latest version of Metabase

References

CVE-2023-38646

Related Vulnerabilities

WordPress Plugin Slider Revolution Responsive Local File Inclusion (4.1.4)

WordPress Plugin Backup by Supsystic Local File Inclusion (2.3.9)

WordPress Plugin News Element Elementor Blog Magazine Local File Inclusion (1.0.5)

WordPress Plugin Buddypress Component Stats Local File Inclusion (1.0)

Squid Improper Input Validation Vulnerability (CVE-2016-2390)

Severity

High

Classification

CVE-2023-38646 CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

File Inclusion