Количество 12
Количество 12
GHSA-ff5c-938w-8c9q
Grafana Escalation from admin to server admin when auth proxy is used
CVE-2022-35957
Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/
CVE-2022-35957
Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/
CVE-2022-35957
Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/
CVE-2022-35957
Grafana is an open-source platform for monitoring and observability. V ...
BDU:2024-02622
Уязвимость платформы для мониторинга и наблюдения Grafana, связанная с обходом аутентификации путем спуфинга, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность
ELSA-2023-2167
ELSA-2023-2167: grafana security and enhancement update (MODERATE)
SUSE-SU-2022:4437-1
Security update for SUSE Manager Client Tools
SUSE-SU-2022:4428-1
Security update for grafana
SUSE-SU-2023:2575-1
Security update for SUSE Manager Client Tools
SUSE-SU-2023:2578-1
Security update for SUSE Manager Client Tools
ROS-20240404-01
Множественные уязвимости grafana
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-ff5c-938w-8c9q Grafana Escalation from admin to server admin when auth proxy is used | CVSS3: 6.6 | 1% Низкий | около 1 года назад |
 | CVE-2022-35957 Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/ | CVSS3: 6.6 | 1% Низкий | больше 2 лет назад |
 | CVE-2022-35957 Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/ | CVSS3: 6.6 | 1% Низкий | больше 2 лет назад |
 | CVE-2022-35957 Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/ | CVSS3: 6.6 | 1% Низкий | больше 2 лет назад |
| CVE-2022-35957 Grafana is an open-source platform for monitoring and observability. V ... | CVSS3: 6.6 | 1% Низкий | больше 2 лет назад |
 | BDU:2024-02622 Уязвимость платформы для мониторинга и наблюдения Grafana, связанная с обходом аутентификации путем спуфинга, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность | CVSS3: 6.6 | 1% Низкий | больше 2 лет назад |
| ELSA-2023-2167 ELSA-2023-2167: grafana security and enhancement update (MODERATE) | около 2 лет назад | ||
 | SUSE-SU-2022:4437-1 Security update for SUSE Manager Client Tools | больше 2 лет назад | ||
| SUSE-SU-2022:4428-1 Security update for grafana | больше 2 лет назад | ||
| SUSE-SU-2023:2575-1 Security update for SUSE Manager Client Tools | почти 2 года назад | ||
| SUSE-SU-2023:2578-1 Security update for SUSE Manager Client Tools | почти 2 года назад | ||
 | ROS-20240404-01 Множественные уязвимости grafana | CVSS3: 9.4 | около 1 года назад |
Уязвимостей на страницу