Описание
In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.
A flaw was found in Grafana. The wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 | grafana | Will not fix | ||
| Red Hat Enterprise Linux 9 | grafana | Will not fix | ||
| Red Hat Storage 3 | grafana | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
4.7 Medium
CVSS3
Связанные уязвимости
In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.
In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.
In Grafana, the wrong permission is applied to the alert rule write AP ...
In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.
Уязвимость реализации прикладного программного интерфейса Endpoint платформы для мониторинга и наблюдения Grafana, позволяющая нарушителю повысить свои привилегии
EPSS
4.7 Medium
CVSS3