Page 4 of 31 results (0.009 seconds)
CVSS: 6.5EPSS: 12%CPEs: 8EXPL: 0
CVSS: 6.5EPSS: 12%CPEs: 8EXPL: 0CVE-2018-19039 – grafana: File exfiltration
https://notcve.org/view.php?id=CVE-2018-19039
13 Dec 2018 — Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions. Grafana en versiones anteriores a la 4.6.5 y versiones 5.x anteriores a la 5.3.3 permite que usuarios autenticados remotos lean archivos arbitrarios aprovechando los permisos Editor o Admin. A security issue was found that could allow any users with Editor or Admin permissions in Grafana to read any file that the Grafana process can read from the filesystem. However,... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •