Y
Hacker News
new
|
ask
|
show
|
jobs
by
JJJollyjim
1056 days ago
Presumably the metabase instance also has credentials to access some databases, some of which may be have enough privileges to also get RCE on the database machines (as well as messing with the data they hold).
1 comments
Dachande663
1056 days ago
We issue separate read-only credentials for database access fortunately. Still doesn't remove the risk of all the data been exfiltrated though.
link