Grafana

Grafana

117 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.32%
  • Veröffentlicht 12.04.2022 17:15:09
  • Zuletzt bearbeitet 21.11.2024 06:51:09

Grafana is an open-source platform for monitoring and observability. When fine-grained access control is enabled and a client uses Grafana API Key to make requests, the permissions for that API Key are cached for 30 seconds for the given organization...

Exploit
  • EPSS 53.44%
  • Veröffentlicht 21.03.2022 20:15:14
  • Zuletzt bearbeitet 21.11.2024 06:53:31

An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source cod...

  • EPSS 2.28%
  • Veröffentlicht 08.02.2022 21:15:20
  • Zuletzt bearbeitet 21.11.2024 06:45:16

Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows attackers to elevate their privileges by mounting cross-origin attacks against authenticated...

  • EPSS 1.19%
  • Veröffentlicht 08.02.2022 21:15:20
  • Zuletzt bearbeitet 21.11.2024 06:45:17

Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. `/teams/:teamId` will allow an authenticated attacker to view unintended ...

Exploit
  • EPSS 2.36%
  • Veröffentlicht 08.02.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:45:16

Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin proxy and trick a user to visit this HTML page using a specially crafted link and exe...

  • EPSS 2.01%
  • Veröffentlicht 18.01.2022 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:45:12

Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token (and no other user credentials) will for...

  • EPSS 1.77%
  • Veröffentlicht 10.12.2021 21:15:09
  • Zuletzt bearbeitet 21.11.2024 06:29:51

Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data...

  • EPSS 57.99%
  • Veröffentlicht 10.12.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:29:50

Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and ...

Warnung Exploit
  • EPSS 88.85%
  • Veröffentlicht 07.12.2021 19:15:07
  • Zuletzt bearbeitet 24.10.2025 14:47:13

Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana...

  • EPSS 2.83%
  • Veröffentlicht 15.11.2021 20:15:19
  • Zuletzt bearbeitet 21.11.2024 06:25:51

Grafana is an open-source platform for monitoring and observability. In affected versions when the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance admins are able to access users fro...