7 matches found
TencentOS Server 4: grafana (TSSA-2024:0906)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0906 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
openSUSE: Security Advisory for the Linux Kernel RT (Live Patch 0 for SLE 15 SP5)
The remote host is missing an update for the Linux Kernel RT Live Patch 0 for SLE 15 SP5 packages announced via the SUSE-SU-2023:3136-1 advisory. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...
Security Bulletin: IBM Storage Ceph is vulnerable to Missing Authorization in Grafana (CVE-2023-2183)
Summary Grafana is used by IBM Storage Ceph as a monitoring dashboard. CVE-2023-2183 This bulletin identifies the steps to take to address the vulnerability in Grafana. Vulnerability Details CVEID:CVE-2023-2183 DESCRIPTION: Grafana could allow a remote authenticated attacker to obtain sensitive...
Security Bulletin: IBM Storage Ceph is vulnerable to Missing Authorization in Grafana (CVE-2023-2183)
Summary Grafana is used by IBM Storage Ceph as a monitoring dashboard. CVE-2023-2183 This bulletin identifies the steps to take to address the vulnerability in Grafana. Vulnerability Details CVEID: CVE-2023-2183 DESCRIPTION: Grafana could allow a remote authenticated attacker to obtain sensitive...
FreeBSD : Grafana -- Broken access control: viewer can send test alerts (6c1de144-056f-11ee-8e16-6c3be5272acd)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6c1de144-056f-11ee-8e16-6c3be5272acd advisory. - Grafana is an open-source platform for monitoring and observability. The option to send a test alert ...
CVE-2023-2183
Grafana CVE-2023-2183 is a real vulnerability where the Viewer role cannot send test alerts from the UI, but the API does not enforce access, enabling abuse to flood emails/Slack and potentially facilitate phishing. Affected Grafana versions include older series; fixes are available in Grafana 9....
CVE-2023-2183
Grafana is an open-source platform for monitoring and observability. The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access t...