Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-12052

Опубликовано: 27 апр. 2020
Источник: redhat
CVSS3: 6.1

Описание

Grafana version < 6.7.3 is vulnerable for annotation popup XSS.

A flaw was found in grafana. The software is vulnerable to an annotation popup XSS.

Отчет

This issue affects the version of the grafana package as shipped with Red Hat Ceph Storage (RHCS) version 2. Ceph-2 has reached End of Extended Life Cycle Support and no longer fixing moderates/lows.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Ceph Storage 2grafanaOut of support scope
Red Hat Ceph Storage 3grafanaAffected
Red Hat Ceph Storage 3grafana-containerAffected
Red Hat Ceph Storage 4rhceph/rhceph-4-dashboard-rhel8Affected
Red Hat OpenShift Container Platform 3.11openshift3/grafanaWill not fix
Red Hat Storage 3grafanaAffected
OpenShift Service Mesh 1.0servicemesh-grafanaFixedRHSA-2020:286107.07.2020
OpenShift Service Mesh 1.1servicemesh-grafanaFixedRHSA-2020:279601.07.2020
Red Hat Enterprise Linux 8grafanaFixedRHSA-2020:468204.11.2020
Red Hat OpenShift Container Platform 4.6openshift4/ose-grafanaFixedRHSA-2020:429827.10.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=1848089grafana: XSS annotation popup vulnerability

6.1 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-12052

CVSS3: 6.1
ubuntu
больше 5 лет назад

Grafana version < 6.7.3 is vulnerable for annotation popup XSS.

nvd логотип

CVE-2020-12052

CVSS3: 6.1
nvd
больше 5 лет назад

Grafana version < 6.7.3 is vulnerable for annotation popup XSS.

debian логотип

CVE-2020-12052

CVSS3: 6.1
debian
больше 5 лет назад

Grafana version < 6.7.3 is vulnerable for annotation popup XSS.

github логотип

GHSA-46x4-c48q-4248

github
около 3 лет назад

Grafana version < 6.7.3 is vulnerable for annotation popup XSS.

oracle-oval логотип

ELSA-2020-4682

oracle-oval
больше 4 лет назад

ELSA-2020-4682: grafana security, bug fix, and enhancement update (MODERATE)

6.1 Medium

CVSS3