In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.
References
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 03:05
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2019-09-03 12:15
Updated : 2023-12-10 12:59
NVD link : CVE-2019-15043
Mitre link : CVE-2019-15043
CVE.ORG link : CVE-2019-15043
JSON object : View
Products Affected
grafana
- grafana
CWE
CWE-306
Missing Authentication for Critical Function