Metabase is an open-source data analytics platform. For new sandboxing configurations created in 1.52.0 till 1.52.2.4, sandboxed users are able to see field filter values from other sandboxed users. This is fixed in 1.52.2.5. Users on 1.52.0 or 1.52.1 or 1.5.2 should upgrade to 1.52.2.5. There are no workarounds for this issue aside from upgrading.
Metrics
Affected Vendors & Products
References
History
Tue, 17 Dec 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 16 Dec 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Metabase is an open-source data analytics platform. For new sandboxing configurations created in 1.52.0 till 1.52.2.4, sandboxed users are able to see field filter values from other sandboxed users. This is fixed in 1.52.2.5. Users on 1.52.0 or 1.52.1 or 1.5.2 should upgrade to 1.52.2.5. There are no workarounds for this issue aside from upgrading. | |
Title | Metabase sandboxed users could see filter values from other sandboxed users | |
Weaknesses | CWE-200 | |
References |
| |
Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-12-16T20:03:54.861Z
Updated: 2024-12-17T15:17:36.574Z
Reserved: 2024-12-13T17:47:38.371Z
Link: CVE-2024-55951
Vulnrichment
Updated: 2024-12-17T15:17:32.502Z
NVD
Status : Received
Published: 2024-12-16T20:15:13.823
Modified: 2024-12-16T20:15:13.823
Link: CVE-2024-55951
Redhat
No data.