Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-18144

Malware in sbrugna...

5.5CVSS5.6AI score0.00277EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 8:53 p.m.5 views

CVE-2021-31231

The Alertmanager in Grafana Enterprise Metrics before 1.2.1 and Metrics Enterprise 1.2.1 has a local file disclosure vulnerability when experimental.alertmanager.enable-api is used. The HTTP basic auth passwordfile can be used as an attack vector to send any file content via a webhook. The...

5.5CVSS6.1AI score0.00277EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/11/10 12:0 a.m.6 views

The vulnerability of the Grafana Enterprise Metrics data visualization system allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Grafana Enterprise Metrics data visualization system is related to access control based on tags. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

9CVSS7.6AI score0.00473EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2022/12/21 1:21 a.m.66 views

CVE-2022-44643

Grafana Enterprise Metrics (GEM) suffers a label-based access control vulnerability where an access policy with label selector restrictions that also grants access to all tenants bypasses those restrictions. Affected are GEM 1.x < 1.7.1 and GEM 2.x

8.8CVSS7.1AI score0.00473EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/12/20 3:15 p.m.27 views

CVE-2022-44643

A vulnerability in the label-based access control of Grafana Labs Grafana Enterprise Metrics allows an attacker more access than intended. If an access policy which has label selector restrictions also has been granted access to all tenants in the system, the label selector restrictions will not ...

8.8CVSS0.00473EPSS
Exploits0References2
OSV
OSV
added 2022/12/20 3:15 p.m.6 views

CVE-2022-44643

A vulnerability in the label-based access control of Grafana Labs Grafana Enterprise Metrics allows an attacker more access than intended. If an access policy which has label selector restrictions also has been granted access to all tenants in the system, the label selector restrictions will not ...

8.8CVSS5.7AI score0.00473EPSS
Exploits0References2
Prion
Prion
added 2022/12/20 3:15 p.m.20 views

Design/Logic Flaw

A vulnerability in the label-based access control of Grafana Labs Grafana Enterprise Metrics allows an attacker more access than intended. If an access policy which has label selector restrictions also has been granted access to all tenants in the system, the label selector restrictions will not ...

6.5CVSS8.6AI score0.00473EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/20 12:0 a.m.6 views

PT-2022-7105 · Grafana · Grafana Enterprise Metrics

Name of the Vulnerable Software and Affected Versions: Grafana Enterprise Metrics versions prior to 1.7.1 Grafana Enterprise Metrics versions prior to 2.3.1 Description: The issue is related to the label-based access control in Grafana Enterprise Metrics, allowing an attacker to have more access...

9CVSS8.5AI score0.00473EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/12/20 12:0 a.m.6 views

Grafana 安全漏洞

Grafana is Grafana open source set of open source monitoring tools that provide a visual monitoring interface . The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus. A security vulnerability exists in Grafana Enterprise Metrics AMD64 versions prior to 1.7.1, prior to...

8.8CVSS7.9AI score0.00473EPSS
Exploits0References3
NVD
NVD
added 2021/04/30 1:15 p.m.25 views

CVE-2021-31231

The Alertmanager in Grafana Enterprise Metrics before 1.2.1 and Metrics Enterprise 1.2.1 has a local file disclosure vulnerability when experimental.alertmanager.enable-api is used. The HTTP basic auth passwordfile can be used as an attack vector to send any file content via a webhook. The...

5.5CVSS0.00277EPSS
Exploits0References5
OSV
OSV
added 2021/04/30 1:15 p.m.5 views

CVE-2021-31231

The Alertmanager in Grafana Enterprise Metrics before 1.2.1 and Metrics Enterprise 1.2.1 has a local file disclosure vulnerability when experimental.alertmanager.enable-api is used. The HTTP basic auth passwordfile can be used as an attack vector to send any file content via a webhook. The...

5.5CVSS6AI score0.00277EPSS
Exploits0References5
Cvelist
Cvelist
added 2021/04/30 12:34 p.m.32 views

CVE-2021-31231

The Alertmanager in Grafana Enterprise Metrics before 1.2.1 and Metrics Enterprise 1.2.1 has a local file disclosure vulnerability when experimental.alertmanager.enable-api is used. The HTTP basic auth passwordfile can be used as an attack vector to send any file content via a webhook. The...

5.5AI score0.00277EPSS
Exploits0References5
CVE
CVE
added 2021/04/30 12:34 p.m.51 views

CVE-2021-31231

The CVE affects Grafana Enterprise Metrics versions before 1.2.1 and Grafana Metrics Enterprise 1.2.1. It is a local file disclosure vulnerability triggered when experimental.alertmanager.enable-api is enabled. The HTTP basic auth password_file can be exploited to exfiltrate any file content via ...

5.5CVSS5.3AI score0.00277EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2021/04/30 12:0 a.m.7 views

PT-2021-19211 · Grafana · Grafana Enterprise Metrics +1

Name of the Vulnerable Software and Affected Versions: Grafana Enterprise Metrics versions prior to 1.2.1 Metrics Enterprise version 1.2.1 Description: The issue allows for local file disclosure when the experimental.alertmanager.enable-api is used. The HTTP basic auth password file can be...

5.5CVSS5.3AI score0.00277EPSS
Exploits0References8
CNNVD
CNNVD
added 2021/04/30 12:0 a.m.6 views

Grafana 输入验证错误漏洞

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A security vulnerability exists in Grafana Enterprise Metrics versions prior to 1.2.1...

5.5CVSS5.8AI score0.00277EPSS
Exploits0References5
Rows per page
Query Builder