Linux Distros Unpatched Vulnerability : CVE-2021-43798

🗓️ 04 Sep 2025 00:00:00Reported by TenableType

Grafana versions 8.0.0-beta1 to 8.3.0 are vulnerable to directory traversal; upgrade to 8.0.7, 8.1.8, 8.2.7, or 8.3.1.

Reporter	Title	Published	Views	Family All 129
GithubExploit	Exploit for Path Traversal in Grafana	21 Dec 202314:24	–	githubexploit
GithubExploit	Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Zulip	8 Dec 202100:47	–	githubexploit
GithubExploit	Exploit for Path Traversal in Grafana	7 Dec 202112:47	–	githubexploit
GithubExploit	Exploit for Path Traversal in Grafana	7 Dec 202114:06	–	githubexploit
GithubExploit	Exploit for Path Traversal in Grafana	8 Dec 202114:14	–	githubexploit
GithubExploit	Exploit for Path Traversal in Grafana	17 Dec 202107:03	–	githubexploit
GithubExploit	Exploit for Path Traversal in Grafana	7 Dec 202115:11	–	githubexploit
GithubExploit	Exploit for Path Traversal in Grafana	4 Mar 202418:32	–	githubexploit
GithubExploit	Exploit for Path Traversal in Grafana	7 Dec 202108:59	–	githubexploit
GithubExploit	Exploit for Path Traversal in Grafana	2 Jun 202619:27	–	githubexploit

Source	Link
ubuntu	www.ubuntu.com/security/CVE-2021-43798
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(261239);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/10/09");

  script_cve_id("CVE-2021-43798");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2025/10/30");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2021-43798");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through
    8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files.
    The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any
    installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched
    versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about
    vulnerable URL paths, mitigation, and the disclosure timeline. (CVE-2021-43798)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2021-43798");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-43798");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/12/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/09/04");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:grafana");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Ubuntu Linux-16.04");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Ubuntu Linux-16.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "16.04",
        "pkgs": [
          {"reference": "grafana"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

09 Oct 2025 00:00Current

8.2High risk

Vulners AI Score8.2

CVSS 25

CVSS 3.17.5

EPSS0.94438

SSVC