CVE-2020-12459

2020-04-29T16:15:00
ID CVE-2020-12459
Type cve
Reporter cve@mitre.org
Modified 2021-07-21T11:39:00

Description

In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.