28 matches found
CVE-2024-1313 vulnerabilities
Vulnerabilities for packages: grafana-fips...
MiracleLinux 9 : grafana-9.2.10-16.el9.ML.1 (AXSA:2024-7906:07)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7906:07 advisory. grafana: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 grafana: vulnerable to authorization bypass...
Security Bulletin: IBM Storage Ceph is vulnerable to Authorization Bypass in Grafana (CVE-2024-1313)
Summary Grafana is used by IBM Storage Ceph as a metrics dashboard. This bulletin identifies the steps to take to address the vulnerability in Grafana. CVE-2024-1313 Vulnerability Details CVEID:CVE-2024-1313 DESCRIPTION: It is possible for a user in a different organization from the owner of a...
TencentOS Server 3: grafana (TSSA-2024:0389)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0389 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Alibaba Cloud Linux 3 : 0096: grafana (ALINUX3-SA-2024:0096)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0096 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-1313: It is possible for a user i...
openSUSE Security Advisory (SUSE-SU-2024:1530-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2024:1530-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 / openSUSE 15 Security Update : grafana and mybatis (SUSE-SU-2024:1530-2)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1530-2 advisory. grafana was updated to version 9.5.18: - Grafana now requires Go 1.20 - Security issues fixed: CVE-2024-1313: Require same...
SUSE-SU-2024:1530-2 Security update for grafana and mybatis
This update for grafana and mybatis fixes the following issues: grafana was updated to version 9.5.18: - Grafana now requires Go 1.20 - Security issues fixed: CVE-2024-1313: Require same organisation when deleting snapshots bsc1222155 CVE-2023-6152: Add email verification when updating user email...
RLSA-2024:3265 Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 grafana: vulnerable to authorization bypass CVE-2024-1313 For more details...
Rocky Linux 8 : grafana (RLSA-2024:3265)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3265 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 grafana: vulnerable to authorization bypass CVE-2024-1313...
Oracle Linux 8 : grafana (ELSA-2024-3265)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3265 advisory. - fix CVE-2024-1313 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...
grafana security update
9.2.10-16 - Check OrdID is correct before deleting snapshot - fix CVE-2024-1313 - fix CVE-2024-1394...
Important: Red Hat Security Advisory: grafana security update
An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
ALSA-2024:3265 Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 grafana: vulnerable to authorization bypass CVE-2024-1313 For more details...
Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 grafana: vulnerable to authorization bypass CVE-2024-1313 For more details...
Rocky Linux 9 : grafana (RLSA-2024:2568)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2568 advisory. - It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE...
grafana security update
9.2.10-16 - Check OrdID is correct before deleting snapshot - fix CVE-2024-1313 - fix CVE-2024-1394...
SUSE SLES12 Security Update : SUSE Manager Client Tools (SUSE-SU-2024:1508-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1508-1 advisory. golang-github-prometheus-nodeexporter: - Update to 1.7.0 jscPED-7893, jscPED-7928: FEATURE Add ZFS freebsd per dataset stats 2753...
Oracle Linux 9 : grafana (ELSA-2024-2568)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2568 advisory. - fix CVE-2024-1313 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...