10 matches found
CVE-2021-41090
Grafana Agent is a telemetry collector for sending metrics, logs, and trace data to the opinionated Grafana observability stack. Prior to versions 0.20.1 and 0.21.2, inline secrets defined within a metrics instance config are exposed in plaintext over two endpoints: metrics instance configs defin...
EUVD-2021-2493
Malware in sbrugna...
Grafana Information Disclosure Vulnerability (CNVD-2021-101998)
Grafana is a set of open source monitoring tools from Grafana Labs that provides a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, etc. An information disclosure vulnerability exists in Grafana Agent versions 0.20.1 and earlier an...
Instance config inline secret exposure in Grafana
Impact Some inline secrets are exposed in plaintext over the Grafana Agent HTTP server: Inline secrets for metrics instance configs in the base YAML file are exposed at /-/config Inline secrets for integrations are exposed at /-/config Inline secrets for Consul ACL tokens and ETCD basic auth when...
CVE-2021-41090
Grafana Agent is a telemetry collector for sending metrics, logs, and trace data to the opinionated Grafana observability stack. Prior to versions 0.20.1 and 0.21.2, inline secrets defined within a metrics instance config are exposed in plaintext over two endpoints: metrics instance configs defin...
CVE-2021-41090
Grafana Agent is a telemetry collector for sending metrics, logs, and trace data to the opinionated Grafana observability stack. Prior to versions 0.20.1 and 0.21.2, inline secrets defined within a metrics instance config are exposed in plaintext over two endpoints: metrics instance configs defin...
Authentication flaw
Grafana Agent is a telemetry collector for sending metrics, logs, and trace data to the opinionated Grafana observability stack. Prior to versions 0.20.1 and 0.21.2, inline secrets defined within a metrics instance config are exposed in plaintext over two endpoints: metrics instance configs defin...
CVE-2021-41090 Instance config inline secret exposure
Grafana Agent is a telemetry collector for sending metrics, logs, and trace data to the opinionated Grafana observability stack. Prior to versions 0.20.1 and 0.21.2, inline secrets defined within a metrics instance config are exposed in plaintext over two endpoints: metrics instance configs defin...
PT-2021-23081 · Grafana · Grafana Agent
Name of the Vulnerable Software and Affected Versions: Grafana Agent versions prior to 0.20.1 and 0.21.2 Description: The issue concerns the exposure of inline secrets in plaintext over two endpoints: /-/config for metrics instance configs defined in the base YAML file and...
Grafana信息泄露漏洞
Grafana is a set of open source monitoring tools from Grafana Labs that provides a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, etc. An information disclosure vulnerability exists in Grafana Agent versions 0.20.1 and earlier an...