7 results (0.018 seconds)

CVSS: 7.5 • EPSS: 1% • CPEs: 2 • EXPL: 0

25 Aug 2023 — Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with permission to perform POST requests on the /api/v1/alerts endpoint could execute arbitrary JavaScript code in the browsers of Prometheus Alertmanager users. This issue has been fixed in Alertmanager version 0.2.51. • https://github.com/prometheus/alertmanager/security/advisories/GHSA-v86x-5fm3-5p7j • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

25 Apr 2023 — blackbox_exporter v0.23.0 was discovered to contain an access control issue in its probe interface. This vulnerability allows attackers to detect intranet ports and services, as well as download resources. NOTE: this is disputed by third parties because authentication can be configured. • http://blackboxexporter.com • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 9.0 • EPSS: 0% • CPEs: 2 • EXPL: 3

29 Nov 2022 — Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, someone with access to a Prometheus web.yml file and users' bcrypted passwords can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix for the issue. There is no workaround, but an attacker must have access to the hashed password to use this functionality. • http://www.openwall.com/lists/oss-security/2022/11/29/1 • CWE-287: Improper Authentication CWE-303: Incorrect Implementation of Authentication Algorithm CWE-305: Authentication Bypass by Primary Weakness •

CVSS: 7.5 • EPSS: 0% • CPEs: 10 • EXPL: 0

15 Feb 2022 — client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, the HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, instrumented software must use any of the `promhttp.InstrumentHandler*` middleware except `RequestsInFlig... • https://github.com/prometheus/client_golang/pull/962 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 6.5 • EPSS: 86% • CPEs: 3 • EXPL: 0

19 May 2021 — Prometheus is an open-source monitoring system and time series database. In 2.23.0, Prometheus changed its default UI to the new UI. To ensure a seamless transition, URLs prefixed by /new redirect to /. Due to a bug in the code, an attacker can craft a URL under the /new endpoint that redirects to any other URL. If a user visits a Prometheus server with a specially crafted address, they can be redirected to an arbitrary URL. • https://github.com/prometheus/prometheus/releases/tag/v2.26.1 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 5.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

09 Aug 2020 — ** DISPUTED ** Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. NOTE: follow-on discussion suggests that this might plausibly be interpreted as both intended functionality and also a vulnerability. • https://github.com/prometheus/blackbox_exporter/issues/669 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 6.1 • EPSS: 2% • CPEs: 2 • EXPL: 0

26 Mar 2019 — A stored, DOM-based cross-site scripting (XSS) flaw was found in Prometheus before version 2.7.1. An attacker could exploit this by convincing an authenticated user to visit a crafted URL on a Prometheus server, allowing for the execution and persistent storage of arbitrary scripts. • https://access.redhat.com/errata/RHBA-2019:0327 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •