Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2021/08/18 12:0 a.m.53 views

openSUSE 15 Security Update : SUSE Manager Client Tools (openSUSE-SU-2021:1162-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1162-1 advisory. - Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning...

7.5CVSS7.8AI score0.1956EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2021/08/14 12:0 a.m.98 views

openSUSE 15 Security Update : grafana (openSUSE-SU-2021:1148-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1148-1 advisory. - The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a...

7.5CVSS7.6AI score0.83042EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2021/08/13 12:0 a.m.33 views

openSUSE 15 Security Update : SUSE Manager Client Tools (openSUSE-SU-2021:2675-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2675-1 advisory. - Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning...

7.5CVSS7.8AI score0.1956EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2021/08/13 12:0 a.m.44 views

openSUSE 15 Security Update : grafana (openSUSE-SU-2021:2662-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2662-1 advisory. - The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a...

7.5CVSS7.6AI score0.83042EPSS
Exploits0References16
Circl
Circl
added 2021/03/22 5:37 p.m.6 views

CVE-2021-28148

creationtimestamp| type| source ---|---|--- 2021-03-22 17:37:15+00:00| seen| https://t.me/cibsecurity/25226...

7.5CVSS7.6AI score0.03497EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/03/22 3:15 p.m.31 views

CVE-2021-28148

One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. This allows any unauthenticated user to send an unlimited number of requests to the endpoint, leading to a denial of service DoS...

7.5CVSS7.1AI score0.03497EPSS
Exploits0References1
CVE
CVE
added 2021/03/22 2:6 p.m.231 views

CVE-2021-28148

CVE-2021-28148 affects Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5, where one usage insights HTTP API endpoint is accessible without authentication, allowing unauthenticated requests and causing DoS on a Grafana Enterprise instance. Connected sources (OSV entrie...

7.5CVSS7.2AI score0.03497EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2021/03/22 2:6 p.m.39 views

CVE-2021-28148

One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. This allows any unauthenticated user to send an unlimited number of requests to the endpoint, leading to a denial of service DoS...

7.5AI score0.03497EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2021/03/18 6:30 p.m.39 views

CVE-2021-28148

A flaw was found in Grafana Enterprise. The HTTP API endpoint for usage insights can be used by any unauthenticated user to send an unlimited number of requests to that endpoint, leading to a denial of service DoS. The highest threat from this vulnerability is to system availability...

7.5CVSS0.6AI score0.03497EPSS
Exploits0References4
Rows per page
Query Builder