Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-12458

Опубликовано: 29 апр. 2020
Источник: debian
EPSS Низкий

Описание

An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords).

Пакеты

ПакетСтатусВерсия исправленияРелизТип
grafanaremovedpackage

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=1827765

  • https://github.com/grafana/grafana/issues/8283

EPSS

Процентиль: 16%
0.00052
Низкий

Связанные уязвимости

CVSS3: 5.5
ubuntu
больше 5 лет назад

An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords).

CVSS3: 6.2
redhat
больше 5 лет назад

An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords).

CVSS3: 5.5
nvd
больше 5 лет назад

An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords).

CVSS3: 5.5
github
около 3 лет назад

Grafana information disclosure

oracle-oval
больше 4 лет назад

ELSA-2020-4682: grafana security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 16%
0.00052
Низкий