Описание
The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.
Ссылки
- Release NotesThird Party Advisory
- Release NotesThird Party Advisory
- Release NotesVendor Advisory
- Third Party Advisory
- Release NotesThird Party Advisory
- Release NotesThird Party Advisory
- Release NotesVendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 6.7.3 (включая) до 7.4.1 (включая)
cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.72805
Высокий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 4 лет назад
The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.
CVSS3: 7.5
redhat
больше 4 лет назад
The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.
CVSS3: 7.5
debian
больше 4 лет назад
The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unaut ...
EPSS
Процентиль: 99%
0.72805
Высокий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo