7 matches found
CVE-2022-32276
Grafana 8.4.3 allows unauthenticated access via for example a /dashboard/snapshot/?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability...
SUSE CVE-2022-32275
Grafana 8.4.3 allows reading files via for example a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd content...
CVE-2022-32276
Grafana 8.4.3 allows unauthenticated access via for example a /dashboard/snapshot/?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability...
CVE-2022-32276
Grafana 8.4.3 allows unauthenticated access via for example a /dashboard/snapshot/?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability...
PT-2022-21200
Name of the Vulnerable Software and Affected Versions Grafana version 8.4.3 Description The issue allows unauthenticated access via a "/dashboard/snapshot/?orgId=0" URI. The vendor considers this a UI bug, not a vulnerability. Recommendations For Grafana version 8.4.3, consider restricting access...
PT-2022-2827 · Grafana · Grafana
Name of the Vulnerable Software and Affected Versions: Grafana version 8.4.3 Description: The issue in Grafana is related to the possibility of bypassing the authentication procedure. Exploitation of this issue may allow a remote attacker to elevate their privileges by sending a specially crafted...
SUSE-SU-2020:2715-1 Security update for grafana
This update for grafana fixes the following issues: - CVE-2020-11110: Fixed a stored XSS in dashboard snapshot original dashboard link bsc1174583...