GHSA-4pwp-cx67-5cpx

Опубликовано: 31 янв. 2024

Источник: github

Github: Прошло ревью

CVSS4: 5.7

CVSS3: 6.5

Описание

Grafana Arbitrary File Read

Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.

Ссылки

Пакеты

Наименование

github.com/grafana/grafana

Затронутые версииВерсия исправления

< 6.4.4

6.4.4

EPSS

Процентиль: 97%

0.37437

Средний

5.7 Medium

CVSS4

6.5 Medium

CVSS3

CVE ID

CVE-2019-19499

Дефекты

CWE-200

CWE-22

CWE-89

Связанные уязвимости

CVE-2019-19499

CVSS3: 6.5

ubuntu

почти 5 лет назад

Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.

CVE-2019-19499

CVSS3: 6.5

redhat

почти 5 лет назад

Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.

CVE-2019-19499

CVSS3: 6.5

nvd

почти 5 лет назад

Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.

CVE-2019-19499

CVSS3: 6.5

debian

почти 5 лет назад

Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could ...

ELSA-2020-4682

oracle-oval

больше 4 лет назад

ELSA-2020-4682: grafana security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 97%

0.37437

Средний

5.7 Medium

CVSS4

6.5 Medium

CVSS3

CVE ID

CVE-2019-19499

Дефекты

CWE-200

CWE-22

CWE-89