Exposição de Grafana
Analytics70
score de exposição
141
sites usam
2
em exploração
6
críticos
CVEs
57 resultadosCVE-2023-22462MEDIUMStored XSS in Grafana Text pluginEPSS 1.6%CVE-2023-1387MEDIUMGrafana is an open-source platform for monitoring and observability.
Starting with the 9.1 branch, Grafana introduced the ability to searcEPSS 1.5%CVE-2023-6152MEDIUMA user changing their email after signing up and verifying it can change it without verification in profile settings.
The configuration optEPSS 1.4%CVE-2026-27876CRITICALRCE on Grafana via sqlExpressionsEPSS 1.3%CVE-2022-35957MEDIUMAuthentication Bypass in Grafana via auth proxy allowing escalation from admin to server adminEPSS 1.3%CVE-2022-39201MEDIUMData source and plugin proxy endpoints could leak the authentication cookie to some destination pluginsEPSS 1.2%CVE-2022-21713MEDIUMExposure of Sensitive Information in GrafanaEPSS 1.2%CVE-2022-23498HIGHWhen query caching is enabled in Grafana users can query another users sessionEPSS 1.1%CVE-2022-29170MEDIUMGrafana Enterprise datasource network restrictions bypass via HTTP redirectsEPSS 1.1%CVE-2023-2183MEDIUMGrafana is an open-source platform for monitoring and observability.
The option to send a test alert is not available from the user panel EPSS 1.0%CVE-2022-31130MEDIUMGrafana data source and plugin proxy endpoints leaking authentication tokens to some destination pluginsEPSS 1.0%CVE-2023-1410MEDIUMStored XSS in Graphite FunctionDescription tooltipEPSS 1.0%CVE-2022-39328CRITICALGrafana vulnerable to race condition allowing privilege escalationEPSS 0.9%CVE-2025-3415MEDIUMGrafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected anEPSS 0.9%CVE-2022-39324MEDIUMGrafana vulnerable to spoofing originalUrl of snapshotsEPSS 0.8%CVE-2022-39229MEDIUMGrafana users with email as a username can block other users from signing inEPSS 0.8%CVE-2024-1442MEDIUMUser with permissions to create a data source can CRUD all data sourcesEPSS 0.8%CVE-2022-23552HIGHGrafana stored XSS in FileUploader component EPSS 0.8%CVE-2023-2801HIGHGrafana is an open-source platform for monitoring and observability.
Using public dashboards users can query multiple distinct data sourceEPSS 0.7%CVE-2022-39306MEDIUMGrafana contains Improper Input ValidationEPSS 0.7%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →