Showing 1 - 3 of 3

CVE-2021-43798

Status Candidate

Overview

Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.

Related Files

Grafana Plugin Path Traversal: Posted Sep 1, 2024; Authored by h00die, jordyv | Site metasploit.com; Grafana versions 8.0.0-beta1 through 8.3.0 prior to 8.0.7, 8.1.8, 8.2.7, or 8.3.1 are vulnerable to directory traversal through the plugin URL. A valid plugin ID is required, but many are installed by default.; tags | exploit; advisories | CVE-2021-43798; SHA-256 | 9a1339320c6be6654d8bea7386ff041fd2641e68f9a4fbeae07e898d1d0b2068; Download | Favorite | View

Grafana 8.3.0 Directory Traversal / Arbitrary File Read: Posted Dec 9, 2021; Authored by s1gh; Grafana version 8.3.0 suffers from a directory traversal vulnerability that can allow for arbitrary file reading.; tags | exploit, arbitrary, file inclusion; advisories | CVE-2021-43798; SHA-256 | 9273519e26f2056463537ab66f8628cb91f138407ab75d06184d8d23d07ea50d; Download | Favorite | View

Grafana Arbitrary File Reading: Posted Dec 8, 2021; Authored by JAS502N | Site github.com; Grafana suffers from an unauthorized arbitrary file reading vulnerability. Version 8.3.1 addresses this issue.; tags | exploit, arbitrary; advisories | CVE-2021-43798; SHA-256 | 03758847d1cc50b64ba0545bbeb672ab0dab351105fe1fa058b3f6cde6f77d15; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 57 files
LiquidWorm 23 files
Debian 19 files
indoushka 15 files
Apple 9 files
Google Security Research 5 files
Gentoo 5 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2021-43798

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems