Metabase Enterprise Remote Code Execution and Arbitrary File Read Vulnerability via H2 JDBC INIT Injection

Vulnerability

A remote code execution (RCE) and arbitrary file read vulnerability has been identified in Metabase Enterprise versions prior to 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4. The issue lies in the 'POST /api/ee/serialization/import' endpoint, where an authenticated admin can import a crafted serialization archive that injects an 'INIT' property into the H2 JDBC specification. The injected property causes arbitrary SQL to execute during the subsequent database synchronization process; exploitation has been confirmed on Metabase Cloud. The vulnerability affects all Metabase Enterprise versions with serialization capabilities, dating back to at least version 1.47.
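
The following is an added defensive check, not Metabase's own code: it scans the database entities of a serialization archive (modelled here as already-parsed dictionaries with assumed field names `name`, `engine` and `details`, since the archive's YAML layout is not reproduced on this page) for an H2 INIT property, either as a separate key in the connection details or embedded as a `;INIT=` setting in the JDBC connection string, so that an import pipeline or a pre-import review can reject the archive before any connection is opened.

```python
import re
from typing import Any, Dict, Iterable, List

# H2 runs the SQL given in INIT on every new connection, so it must never
# come from an untrusted import. H2 accepts it both as a connection
# property and as a ";INIT=..." setting appended to the JDBC URL.
_INIT_IN_URL = re.compile(r";\s*INIT\s*=", re.IGNORECASE)


def find_init_injection(db_entity: Dict[str, Any]) -> List[str]:
    """Return findings for one serialized database entity.

    The shape {"name": ..., "engine": ..., "details": {...}} is an
    assumption for this example, not Metabase's actual schema.
    """
    findings: List[str] = []
    details = db_entity.get("details") or {}
    if not isinstance(details, dict):
        return findings
    # The engine field is not trusted either, so every entity is scanned.
    for key, value in details.items():
        if str(key).strip().upper() == "INIT":
            findings.append(f"details key {key!r} sets H2 INIT")
        if isinstance(value, str) and _INIT_IN_URL.search(value):
            findings.append(f"details key {key!r} embeds ;INIT= in a URL")
    return findings


def vet_archive(db_entities: Iterable[Dict[str, Any]]) -> Dict[str, List[str]]:
    """Map each offending database name to its findings; empty means clean."""
    report: Dict[str, List[str]] = {}
    for entity in db_entities:
        hits = find_init_injection(entity)
        if hits:
            report[str(entity.get("name", "<unnamed>"))] = hits
    return report


# Constructed sample entities (not taken from any real archive).
SAMPLE_ENTITIES = [
    {"name": "clean-h2", "engine": "h2", "details": {"db": "file:/tmp/sample"}},
    {"name": "init-key", "engine": "h2",
     "details": {"db": "file:/tmp/sample", "INIT": "-- placeholder SQL"}},
    {"name": "init-in-url", "engine": "h2",
     "details": {"db": "file:/tmp/sample;init=-- placeholder SQL"}},
]

if __name__ == "__main__":
    for name, hits in vet_archive(SAMPLE_ENTITIES).items():
        print(name, hits)
```

A clean archive yields an empty report; any non-empty report is grounds to reject the import outright rather than sanitise it.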

Impact

Exploitation of this vulnerability gives remote code execution on the server: a two-step attack first writes and then executes a Clojure payload, leading to OS command execution. It also allows arbitrary file read: crafted YAML can exfiltrate any file readable by the JVM process through an HTTP callback made during the synchronization process.

Remediation

Upgrade to Metabase Enterprise version 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, or 1.59.4. For Docker deployments, the updated images are available as 'metabase/metabase-enterprise:v1.54.22.x', 'metabase/metabase-enterprise:v1.55.22.x', 'metabase/metabase-enterprise:v1.56.22.x', 'metabase/metabase-enterprise:v1.57.16.x', 'metabase/metabase-enterprise:v1.58.10.x', and 'metabase/metabase-enterprise:v1.59.4.x'. Alternatively, the JAR files for the patched versions can be downloaded from the Metabase downloads site.

Added: Mar 27, 2026, 1:29 AM
Updated: Mar 27, 2026, 1:29 AM

Vulnerability Rating

Custom Algorithm

spread          3.1
impact          7.5
exploitability  4.4
remediation     8.3
relevance       4.8
threat          0.0
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.