9 matches found
EUVD-2024-2596
Malicious code in bioql PyPI...
CVE-2024-6322
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...
BIT-GRAFANA-2024-6322
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...
CVE-2024-6322
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...
CVE-2024-6322
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...
UBUNTU-CVE-2024-6322
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...
CVE-2024-6322
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...
CVE-2024-6322
CVE-2024-6322 is documented as a Grafana-related issue where access control for plugin data sources protected by the ReqActions field in plugin.json can be bypassed if a user or service account has query access to any other data source. The root cause is that the ReqActions check is not scoped to...
PT-2024-37543 · Grafana · Grafana
Name of the Vulnerable Software and Affected Versions: Grafana versions 11.1.0 through 11.1.1 Grafana versions 11.1.2 through 11.1.3 Description: Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted...