Description

The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.

Remediation

References

CVE-2021-27358

Related Vulnerabilities

MySQL Resource Management Errors Vulnerability (CVE-2010-3837)

WordPress Plugin Top 10-Popular posts for WordPress Cross-Site Scripting (2.3.0)

MySQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2005-0004)

silverstripeCMS Incorrect Default Permissions Vulnerability (CVE-2020-6165)

Oracle Database Server Other Vulnerability (CVE-2001-0941)

Severity

High

Classification

CVE-2021-27358 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities