HTTP: Metabase Setup Token Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Metabase. A successful attack can lead to arbitrary code execution.

Extended Description

Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.

Affected Products

Metabase metabase

References

CVE: CVE-2023-38646

Short Name
HTTP:CTS:METABASE-SETUP-TKN-RCE
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2023-38646 Code Execution Metabase Remote Setup Token
Release Date
09/28/2023
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3693
False Positive
Unknown
Vendors

Metabase

Found a potential security threat?