4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Grafana is Grafana Labs open source set of open source monitoring tools that provide a visual monitoring interface. A denial-of-service vulnerability exists in Grafana versions prior to 8.5.14, 9.0.0 and later, and prior to 9.1.8, which stems from a program that allows a user to block another user by registering another person’s email address as a username. An attacker could use the vulnerability to launch a denial-of-service attack.
CPE | Name | Operator | Version |
---|---|---|---|
grafana grafana | lt | 8.5.14 | |
grafana grafana >=9.0.0, | lt | 9.1.8 |