Lucene search
+L

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-23498

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including...

8.8CVSS7.8AI score0.01132EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/31 2:14 p.m.23 views

Security Bulletin: IBM Storage Ceph is vulnerable to the Exposure of Sensitive Information to an Unauthorized Actor in Grafana (CVE-2022-23498)

Summary Grafana is used by IBM Storage Ceph as a metrics dashboard. This bulletin identifies the steps to take to address the vulnerability in Grafana. CVE-2022-23498 Vulnerability Details CVEID:CVE-2022-23498 DESCRIPTION: Grafana could allow a remote authenticated attacker to obtain sensitive...

8.8CVSS7.3AI score0.01132EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/11 11:47 a.m.76 views

Security Bulletin: Netcool Operations Insight v1.6.8 addresses multiple security vulnerabilities.

Summary Netcool Operations Insight v1.6.8 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2022-23498 DESCRIPTION: Grafana could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when datasource query...

10CVSS9.9AI score0.99019EPSS
Exploits71Affected Software1
CVE
CVE
added 2023/02/03 9:34 p.m.320 views

CVE-2022-23498

CVE-2022-23498 concerns Grafana: when datasource query caching is enabled, Grafana caches all headers, including grafana_session, which can allow a user querying a datasource with caching enabled to access another user’s session. The Nessus entry for CVE-2022-23498 describes this issue in Grafana...

8.8CVSS7.6AI score0.01132EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/03 9:34 p.m.12 views

CVE-2022-23498 When query caching is enabled in Grafana users can query another users session

Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including grafanasession. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the...

7.1CVSS7.1AI score0.01132EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/02/03 12:0 a.m.23 views

Grafana 8.3.0 < 9.2.10, 9.3.0 < 9.3.4 Information Disclosure Vulnerability (GHSA-2j8f-6whh-frc8)

Grafana is prone to an information disclosure vulnerability. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

8.8CVSS8.4AI score0.01132EPSS
Exploits1References1
Rows per page
Query Builder