CVE-2019-15043

In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-09-03 12:15

Updated : 2020-10-04 18:15


NVD link : CVE-2019-15043

Mitre link : CVE-2019-15043


JSON object : View

Products Affected

grafana

  • grafana
CWE
CWE-306

Missing Authentication for Critical Function