Lucene search
+L

9 matches found

Tenable Nessus
Tenable Nessus
added 2021/08/18 12:0 a.m.53 views

openSUSE 15 Security Update : SUSE Manager Client Tools (openSUSE-SU-2021:1162-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1162-1 advisory. - Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning...

7.5CVSS7.8AI score0.1956EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2021/08/14 12:0 a.m.98 views

openSUSE 15 Security Update : grafana (openSUSE-SU-2021:1148-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1148-1 advisory. - The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a...

7.5CVSS7.6AI score0.83042EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2021/08/13 12:0 a.m.44 views

openSUSE 15 Security Update : grafana (openSUSE-SU-2021:2662-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2662-1 advisory. - The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a...

7.5CVSS7.6AI score0.83042EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2021/08/13 12:0 a.m.33 views

openSUSE 15 Security Update : SUSE Manager Client Tools (openSUSE-SU-2021:2675-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2675-1 advisory. - Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning...

7.5CVSS7.8AI score0.1956EPSS
Exploits0References17
Circl
Circl
added 2021/03/22 5:37 p.m.6 views

CVE-2021-28146

creationtimestamp| type| source ---|---|--- 2021-03-22 17:37:17+00:00| seen| https://t.me/cibsecurity/25228...

6.5CVSS6.6AI score0.01397EPSS
Exploits0References1
OSV
OSV
added 2021/03/22 2:15 p.m.25 views

CVE-2021-28146

The team sync HTTP API in Grafana Enterprise 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service, this vulnerability allows any authenticated user to add external groups to existing teams. This can be used to grant a user team...

6.5CVSS6.6AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2021/03/22 2:15 p.m.23 views

CVE-2021-28146

The team sync HTTP API in Grafana Enterprise 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service, this vulnerability allows any authenticated user to add external groups to existing teams. This can be used to grant a user team...

6.5CVSS6.8AI score0.01397EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/03/22 2:15 p.m.3 views

CVE-2021-28146

The team sync HTTP API in Grafana Enterprise 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service, this vulnerability allows any authenticated user to add external groups to existing teams. This can be used to grant a user team...

6.5CVSS0.01397EPSS
Exploits0References8
CVE
CVE
added 2021/03/22 2:0 p.m.211 views

CVE-2021-28146

CVE-2021-28146 concerns Grafana Enterprise 7.4.x before 7.4.5. The issue is an Incorrect Access Control in the team-sync HTTP API that, on Grafana instances using an external authentication service, allows any authenticated user to add external groups to existing teams, thereby granting permissio...

6.5CVSS6.6AI score0.01397EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder