14 matches found
Grafana Unauthenticated Snapshot Creation
Grafana 6.7.3 through 7.4.1 snapshot functionality can allow an unauthenticated remote attacker to trigger a Denial of Service via a remote API call if a commonly used configuration is set. id: CVE-2021-27358 info: name: Grafana Unauthenticated Snapshot Creation author: pdteam,bing0o severity: hi...
Linux Distros Unpatched Vulnerability : CVE-2021-27358
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a...
AlmaLinux 8 : grafana (ALSA-2021:4226)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4226 advisory. - In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during...
RHEL 8 : grafana (RHSA-2021:4226)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4226 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. The following packages have be...
Moderate: Red Hat Security Advisory: grafana security, bug fix, and enhancement update
An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
grafana security, bug fix, and enhancement update
An update is available for grafana. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor fo...
grafana security update
7.3.6-3 - resolve CVE-2021-39226 - resolve CVE-2021-27358...
openSUSE: Security Advisory for grafana (openSUSE-SU-2021:1148-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE 15 Security Update : grafana (openSUSE-SU-2021:1148-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1148-1 advisory. - The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a...
openSUSE 15 Security Update : grafana (openSUSE-SU-2021:2662-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2662-1 advisory. - The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a...
openSUSE: Security Advisory for grafana (openSUSE-SU-2021:2662-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for grafana (important)
openSUSE Security Update: Security update for grafana Announcement ID: openSUSE-SU-2021:2662-1 Rating: important References: 1183803 1183809 1183811 1183813 1184371 Cross-References: CVE-2021-27358 CVE-2021-27962 CVE-2021-28146 CVE-2021-28147 CVE-2021-28148 CVSS scores: CVE-2021-27358 NVD : 7.5...
CVE-2021-27358
creationtimestamp| type| source ---|---|--- 2021-03-18 23:37:39+00:00| seen| https://t.me/cibsecurity/25156 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-27358.yaml 2026-06-07 00:00:00+00:00| exploited| The Shadowserve...
CVE-2021-27358
Grafana 6.7.3–7.4.1 is affected by CVE-2021-27358 via the snapshot feature. An unauthenticated remote attacker can trigger a Denial of Service by making a remote API call if a common configuration is set. Remediation: upgrade to Grafana 7.4.2 or later (fix released in 7.4.2).