3 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-26148
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the apijsonrpc.php HTML source code. When the...
CVE-2022-26148
An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the apijsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in...
CVE-2022-26148
Grafana (through 7.3.4) integrated with Zabbix contains a credentials disclosure flaw: the Zabbix password and URL can be exposed by inspecting api_jsonrpc.php in the HTML source after login/registration, enabling an attacker with access to the app to obtain sensitive Zabbix credentials. Root cau...