Описание
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.
Ссылки
- Vendor Advisory
- Release Notes
- Release Notes
- Release NotesVendor Advisory
- Vendor Advisory
- Release Notes
- Release Notes
- Release NotesVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow u ...
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.
ELSA-2020-1659: grafana security, bug fix, and enhancement update (MODERATE)
EPSS
7.5 High
CVSS3
5 Medium
CVSS2