5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Grafana is Grafana open source set of open source monitoring tools that provide a visual monitoring interface. The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus, etc. Grafana has a security vulnerability that stems from the fact that an attacker can bypass access restrictions to Grafana data by forgetting the password user enumeration to read sensitive information. No details of the vulnerability are currently available.
CPE | Name | Operator | Version |
---|---|---|---|
grafana grafana >=9.0.0, | lt | 9.2.4 | |
grafana grafana | lt | 8.5.15 |