exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2023-4399

больше 1 года назад

Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the characters in the request address.

CVSS3: 6.6

EPSS: Низкий

CVE-2023-4399

больше 1 года назад

Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the characters in the request address.

CVSS3: 6.6

EPSS: Низкий

CVE-2023-4399

больше 1 года назад

Grafana is an open-source platform for monitoring and observability. ...

CVSS3: 6.6

EPSS: Низкий

GHSA-6676-9pqr-4cw3

больше 1 года назад

Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the characters in the request address.

CVSS3: 6.6

EPSS: Низкий

BDU:2024-02599

больше 1 года назад

Уязвимость платформы для мониторинга и наблюдения Grafana, связанная с недостатками списка контроля доступом (ACL), позволяющая нарушителю обойти существующие ограничения доступа

CVSS3: 7.2

EPSS: Низкий

ROS-20240403-01

около 1 года назад

Множественные уязвимости grafana

CVSS3: 9.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2023-4399 Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the characters in the request address.	CVSS3: 6.6	0% Низкий	больше 1 года назад
CVE-2023-4399 Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the characters in the request address.	CVSS3: 6.6	0% Низкий	больше 1 года назад
CVE-2023-4399 Grafana is an open-source platform for monitoring and observability. ...	CVSS3: 6.6	0% Низкий	больше 1 года назад
GHSA-6676-9pqr-4cw3 Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the characters in the request address.	CVSS3: 6.6	0% Низкий	больше 1 года назад
BDU:2024-02599 Уязвимость платформы для мониторинга и наблюдения Grafana, связанная с недостатками списка контроля доступом (ACL), позволяющая нарушителю обойти существующие ограничения доступа	CVSS3: 7.2	0% Низкий	больше 1 года назад
ROS-20240403-01 Множественные уязвимости grafana	CVSS3: 9.8		около 1 года назад

Уязвимостей на страницу