6 matches found
CVE-2023-36649
Insertion of sensitive information in the centralized Grafana logging system in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate other users in web management and the REST API by reading JWT tokens from logs as a Granafa authenticated user or from the Loki REST API without...
CVE-2023-36649
Insertion of sensitive information in the centralized Grafana logging system in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate other users in web management and the REST API by reading JWT tokens from logs as a Granafa authenticated user or from the Loki REST API without...
PT-2023-25652 · Grafana +1 · Loki +2
Name of the Vulnerable Software and Affected Versions: ProLion CryptoSpike version 3.0.15P2 Description: The issue allows remote attackers to impersonate other users in web management and the REST API by reading JWT tokens from logs as a Grafana authenticated user or from the Loki REST API withou...
SUSE CVE-2020-25678
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible...
OESA-2021-1100 ceph security update
Ceph is a massively scalable, open-source, distributed storage system that runs on commodity hardware and delivers object, block and file system storage. Security Fixes: A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by...
DEBIAN-CVE-2020-25678
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible...