HomePentest-Tools.com Logo

Grafana 4.1.0 < 4.6.5, 5.0 < 5.3.3 Information Disclosure Vulnerability CVE-2018-19039

Severity
CVSSv3 Score
6.5
Vulnerability description

Grafana is prone to an information disclosure vulnerability.

Risk description

The vulnerability allows any users with Editor or Admin permissions in Grafana to read any file that the Grafana process can read from the filesystem. Successful exploitation of these vulnerabilities could lead to disclosure of sensitive information or addition or modification of data.

Recommendation

Update to version 4.6.5 or 5.3.3 respectively.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Dec 13, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available