20 matches found
FreeBSD : Grafana -- Public dashboards discloses all direct mode datasources (6b2bf8e9-5900-11f1-b525-3c7c3fba4204)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6b2bf8e9-5900-11f1-b525-3c7c3fba4204 advisory. https://grafana.com/security/security-advisories/cve-2026-27877 reports: When using public dashboards a...
grafana: Grafana: Information disclosure of data-source passwords via public dashboards
A flaw was found in Grafana. When public dashboards are used with direct data-sources, sensitive credentials, specifically passwords for all direct data-sources, are exposed. This information disclosure occurs even when these data-sources are not actively utilized in the dashboards. A remote...
BIT-GRAFANA-2026-27877 Public dashboards discloses all direct mode datasources
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
SUSE CVE-2026-27877
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
Public dashboards discloses all direct mode datasources
When using public dashboards and direct data-sources, all direct data-sources’ passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
Linux Distros Unpatched Vulnerability : CVE-2026-27877
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxi...
CVE-2026-27877
A flaw was found in Grafana. When public dashboards are used with direct data-sources, sensitive credentials, specifically passwords for all direct data-sources, are exposed. This information disclosure occurs even when these data-sources are not actively utilized in the dashboards. A remote...
EUVD-2026-16596
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
Grafana public dashboards disclose all direct mode datasources
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
GHSA-3Q27-7QJQ-P9C5 Grafana public dashboards disclose all direct mode datasources
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
CVE-2026-27877
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
CVE-2026-27877
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
UBUNTU-CVE-2026-27877
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
CVE-2026-27877 Public dashboards discloses all direct mode datasources
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
CVE-2026-27877
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
CVE-2026-27877 Public dashboards discloses all direct mode datasources
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
CVE-2026-27877
CVE-2026-27877 affects Grafana where, when using public dashboards with direct data-sources, passwords for those data-sources are exposed. The root cause is direct data-source password handling leaking in such dashboards. The advisory recommends converting direct data-sources to proxied data-sour...
CVE-2026-27877
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
PT-2026-28370
Name of the Vulnerable Software and Affected Versions Versions affected versions not specified Description When using public dashboards and direct data-sources, passwords for direct data-sources are exposed even if they are not actively used in dashboards. Passwords for proxied data-sources are n...
Grafana -- Public dashboards discloses all direct mode datasources
https://grafana.com/security/security-advisories/cve-2026-27877 reports: When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-source...