2 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-6322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associate...
Grafana plugins route actions are not scoped to instance
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...