Grafana — свободная программная система визуализации данных, ориентированная на данные систем ИТ-мониторинга.
Релизный цикл, информация об уязвимостях
График релизов
Количество 380
CVE-2021-27358
The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.
CVE-2020-27846
A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-27846
A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-24303
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.
CVE-2020-24303
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the Elast ...
CVE-2020-24303
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.
CVE-2019-19499
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.
CVE-2019-19499
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could ...
CVE-2019-19499
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.
CVE-2019-19499
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2021-27358 The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set. | CVSS3: 7.5 | 73% Высокий | больше 4 лет назад |
 | CVE-2020-27846 A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | CVSS3: 9.8 | 15% Средний | больше 4 лет назад |
| CVE-2020-27846 A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | CVSS3: 9.8 | 15% Средний | больше 4 лет назад |
| CVE-2020-24303 Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource. | CVSS3: 6.1 | 1% Низкий | больше 4 лет назад |
| CVE-2020-24303 Grafana before 7.1.0-beta 1 allows XSS via a query alias for the Elast ... | CVSS3: 6.1 | 1% Низкий | больше 4 лет назад |
 | CVE-2020-24303 Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource. | CVSS3: 6.1 | 1% Низкий | больше 4 лет назад |
| CVE-2019-19499 Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations. | CVSS3: 6.5 | 37% Средний | почти 5 лет назад |
| CVE-2019-19499 Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could ... | CVSS3: 6.5 | 37% Средний | почти 5 лет назад |
| CVE-2019-19499 Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations. | CVSS3: 6.5 | 37% Средний | почти 5 лет назад |
| CVE-2019-19499 Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations. | CVSS3: 6.5 | 37% Средний | почти 5 лет назад |
Уязвимостей на страницу