Lines 1-3
Link Here
|
|
|
1 |
<vuln vid="757ee63b-269a-11ec-a616-6c3be5272acd"> |
2 |
<topic>Grafana -- Snapshot authentication bypass</topic> |
3 |
<affects> |
4 |
<package> |
5 |
<name>grafana8</name> |
6 |
<name>grafana7</name> |
7 |
<name>grafana6</name> |
8 |
<name>grafana</name> |
9 |
<range><ge>8.0.0</ge><lt>8.1.6</lt></range> |
10 |
<range><ge>2.0.1</ge><lt>7.5.11</lt></range> |
11 |
</package> |
12 |
</affects> |
13 |
<description> |
14 |
<body xmlns="http://www.w3.org/1999/xhtml"> |
15 |
<p>Grafana Labs reports:</p> |
16 |
<blockquote cite="https://grafana.com/blog/2021/10/05/grafana-7.5.11-and-8.1.6-released-with-critical-security-fix/"> |
17 |
<p>Unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths:</p> |
18 |
<ul> |
19 |
<li><code>/dashboard/snapshot/:key</code>, or</li> |
20 |
<li><code>/api/snapshots/:key</code></li> |
21 |
</ul> |
22 |
<p>If the snapshot "public_mode" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path:</p> |
23 |
<ul> |
24 |
<li><code>/api/snapshots-delete/:deleteKey</code></li> |
25 |
</ul> |
26 |
<p>Regardless of the snapshot "public_mode" setting, authenticated users are able to delete the snapshot with the lowest database key by accessing the literal paths:</p> |
27 |
<ul> |
28 |
<li><code>/api/snapshots/:key</code>, or</li> |
29 |
<li><code>/api/snapshots-delete/:deleteKey</code></li> |
30 |
</ul> |
31 |
<p>The combination of deletion and viewing enables a complete walk through all snapshot data while resulting in complete snapshot data loss.</p> |
32 |
</blockquote> |
33 |
</body> |
34 |
</description> |
35 |
<references> |
36 |
<cvename>CVE-2021-39226</cvename> |
37 |
<url>https://grafana.com/blog/2021/10/05/grafana-7.5.11-and-8.1.6-released-with-critical-security-fix/</url> |
38 |
</references> |
39 |
<dates> |
40 |
<discovery>2021-09-15</discovery> |
41 |
<entry>2021-10-06</entry> |
42 |
</dates> |
43 |
</vuln> |
44 |
|
1 |
<vuln vid="25b78bdd-25b8-11ec-a341-d4c9ef517024"> |
45 |
<vuln vid="25b78bdd-25b8-11ec-a341-d4c9ef517024"> |
2 |
<topic>Apache httpd -- Multiple vulnerabilities</topic> |
46 |
<topic>Apache httpd -- Multiple vulnerabilities</topic> |
3 |
<affects> |
47 |
<affects> |