HomePentest-Tools.com Logo

Grafana < 9.4.12, 9.5.0 < 9.5.3 DoS Vulnerability CVE-2023-2801

Severity
CVSSv3 Score
5.3
Vulnerability description

Grafana is prone to a denial of service (DoS) vulnerability.

Risk description

Using public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance. The only feature that uses mixed queries at the moment is public dashboards, but its also possible to cause this by calling the query API directly. This might enable malicious users to crash Grafana instances through that endpoint.

Recommendation

Update to version 9.4.12, 9.5.3 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jun 6, 2023
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available