9 matches found
openSUSE 15 Security Update : SUSE Manager Client Tools (openSUSE-SU-2021:1162-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1162-1 advisory. - Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning...
openSUSE 15 Security Update : grafana (openSUSE-SU-2021:1148-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1148-1 advisory. - The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a...
openSUSE 15 Security Update : SUSE Manager Client Tools (openSUSE-SU-2021:2675-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2675-1 advisory. - Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning...
openSUSE 15 Security Update : grafana (openSUSE-SU-2021:2662-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2662-1 advisory. - The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a...
CVE-2021-28148
creationtimestamp| type| source ---|---|--- 2021-03-22 17:37:15+00:00| seen| https://t.me/cibsecurity/25226...
CVE-2021-28148
One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. This allows any unauthenticated user to send an unlimited number of requests to the endpoint, leading to a denial of service DoS...
CVE-2021-28148
CVE-2021-28148 affects Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5, where one usage insights HTTP API endpoint is accessible without authentication, allowing unauthenticated requests and causing DoS on a Grafana Enterprise instance. Connected sources (OSV entrie...
CVE-2021-28148
One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. This allows any unauthenticated user to send an unlimited number of requests to the endpoint, leading to a denial of service DoS...
CVE-2021-28148
A flaw was found in Grafana Enterprise. The HTTP API endpoint for usage insights can be used by any unauthenticated user to send an unlimited number of requests to that endpoint, leading to a denial of service DoS. The highest threat from this vulnerability is to system availability...