Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "public_mode" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path: /api/snapshots-delete/:deleteKey. Regardless of the snapshot "public_mode" setting, authenticated users are able to delete the snapshot with the lowest database key by accessing the literal paths: /api/snapshots/:key, or /api/snapshots-delete/:deleteKey. The combination of deletion and viewing enables a complete walk through all snapshot data while resulting in complete snapshot data loss. This issue has been resolved in versions 8.1.6 and 7.5.11. If for some reason you cannot upgrade you can use a reverse proxy or similar to block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HFedora Project Fedora
OSFedoraproject3435Grafana
APPGrafana< 7.5.118.0.0 – 8.1.6 (bez)
CISA KEV — szczegółyi
- Dostawcai
- Grafana Labs
- Produkti
- Grafana
- Data dodania do KEVi
- 25 sierpnia 2022
- Termin remediation (USA)i
- 15 września 2022(po terminie)
Zastosuj aktualizacje zgodnie z instrukcjami producenta.
▸ Pokaż oryginał (EN)
Apply updates per vendor instructions.
Grafana zawiera lukę w uwierzytelnianiu, która pozwala uwierzytelnionym i nieuwierzytelnionym użytkownikom na przeglądanie i usuwanie wszystkich danych snapshot'ów, potencjalnie powodując całkowitą utratę danych snapshot'ów.
▸ Pokaż oryginał (EN)
Grafana contains an authentication bypass vulnerability that allows authenticated and unauthenticated users to view and delete all snapshot data, potentially resulting in complete snapshot data loss.
Powiązane podatności
PHP CGI argument injection – RCE na Windows przez mechanizm Best-Fit
Type Confusion w V8 (Google Chrome) — RCE przez spreparowaną stronę HTML
Type Confusion w silniku V8 Chrome — zdalne wykonanie kodu (RCE)
Use-after-free w Google Chrome Visuals umożliwiający ucieczkę z sandbox
Integer overflow w Skia w Google Chrome — sandbox escape