Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2021/08/18 12:0 a.m.53 views

openSUSE 15 Security Update : SUSE Manager Client Tools (openSUSE-SU-2021:1162-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1162-1 advisory. - Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning...

7.5CVSS7.8AI score0.1956EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2021/08/14 12:0 a.m.98 views

openSUSE 15 Security Update : grafana (openSUSE-SU-2021:1148-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1148-1 advisory. - The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a...

7.5CVSS7.6AI score0.83042EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2021/08/13 12:0 a.m.44 views

openSUSE 15 Security Update : grafana (openSUSE-SU-2021:2662-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2662-1 advisory. - The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a...

7.5CVSS7.6AI score0.83042EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2021/08/13 12:0 a.m.33 views

openSUSE 15 Security Update : SUSE Manager Client Tools (openSUSE-SU-2021:2675-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2675-1 advisory. - Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning...

7.5CVSS7.8AI score0.1956EPSS
Exploits0References17
OpenVAS
OpenVAS
added 2021/03/29 12:0 a.m.25 views

Grafana 6.1.0-beta1 - 7.4.3 Access Control Bypass Vulnerability

Grafana is prone to an access control bypass vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

6.5CVSS7.6AI score0.0161EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/03/22 3:15 p.m.28 views

CVE-2021-28147

The team sync HTTP API in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service and having the EditorsCanAdmin feature enabled, this vulnerability allows any authenticated...

6.5CVSS6.8AI score0.0161EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/03/22 2:3 p.m.40 views

CVE-2021-28147

The team sync HTTP API in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service and having the EditorsCanAdmin feature enabled, this vulnerability allows any authenticated...

7AI score0.0161EPSS
Exploits0References8
CVE
CVE
added 2021/03/22 2:3 p.m.198 views

CVE-2021-28147

CVE-2021-28147 affects Grafana Enterprise: when external authentication is in use and EditorsCanAdmin is enabled, any authenticated user can add external groups to any existing team due to an Incorrect Access Control flaw. Affected versions include Grafana Enterprise 6.x prior to 6.7.6, 7.x prior...

6.5CVSS6.6AI score0.0161EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder