25 matches found
CVE-2022-2531
An issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. GitLab was not performing correct authentication on Grafana API under specific conditions allowing...
PT-2022-17203 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 12.5 through 15.0.4 GitLab EE versions 15.1 through 15.1.3 GitLab EE versions 15.2 through 15.2.0 Description: An issue has been discovered in GitLab EE where it was not performing correct authentication on Grafana API unde...
GitLab 12.5 < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 (CVE-2022-2531)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. GitLab...
CVE-2022-21713 Exposure of Sensitive Information in Grafana
Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. /teams/:teamId will allow an authenticated attacker to view unintended data by querying for the specific team ID,...
CVE-2021-27437
The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard. The system contains a hard-coded administrator username and password that can be used to query Grafana APIs. Authentication is not required for exploitation on the WISE-PaaS/RMM versions prior to...