3 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-32275
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana 8.4.3 allows reading files via for example a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: th...
CVE-2022-32275
A flaw was found in grafana. This vulnerability occurs when the traversal path is explored, and the authentication system redirects to an internal system page that authenticated users should only access...
CVE-2022-32275
Grafana 8.4.3 is listed as CVE-2022-32275 for a potential directory/traversal issue that could let an attacker read arbitrary files via crafted URLs such as /dashboard/snapshot/{...}/etc/passwd. The description notes the vendor’s position that there is no vulnerability and that the request yields...