Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-5122
HistoryFeb 14, 2024 - 3:15 p.m.

Design/Logic Flaw

2024-02-1415:15:00
PRIOn knowledge base
www.prio-n.com
6
grafana
csv
datasource
ssrf
request
information disclosure
vulnerability

7.4 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Grafana is an open-source platform for monitoring and observability. The CSV datasource plugin is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing CSV data from a remote endpoint configured by an administrator. If this plugin was configured to send requests to a bare host with no path (e.g. https://www.example.com/ https://www.example.com/` ), requests to an endpoint other than the one configured by the administrator could be triggered by a specially crafted request from any user, resulting in an SSRF vector. AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator

Related

veracode 1
cve 1
cvelist 1
nvd 1
veracode
veracode
Server Side Request Forgery (SSRF)
2024-02-22 12:28:41
cve
cve
CVE-2023-5122
2024-02-14 15:15:08
cvelist
cvelist
CVE-2023-5122 SSRF in CSV Datasource Plugin
2024-02-14 15:06:12
nvd
nvd
CVE-2023-5122
2024-02-14 15:15:08

7.4 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for PRION:CVE-2023-5122
veracode1cve1cvelist1nvd1