MiracleLinux 8 : grafana-6.7.4-3.el8 (AXSA:2021-1351:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1351:01 advisory. grafana: XSS vulnerability via a column style on the Dashboard Table Panel screen CVE-2018-18624 grafana: arbitrary file read via MySQL data source...

Linux Distros Unpatched Vulnerability : CVE-2020-12458

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are wor...

SUSE CVE-2020-12458

An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information e.g., cleartext or encrypted datasource passwords...

grafana: information disclosure through world-readable /var/lib/grafana/grafana.db

An information-disclosure flaw was found in the way Grafana set permissions for the database directory and file. This flaw allows a local attacker access to potentially sensitive information such as cleartext or encrypted datasource passwords from /var/lib/grafana/grafana.db...

Grafana Information Disclosure Vulnerability (CNVD-2020-27229)

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. An information disclosure vulnerability exists in Grafana 6.7.3 and earlier versions,...