Description

The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.

Remediation

References

CVE-2021-27358

Related Vulnerabilities

WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.7)

MySQL CVE-2024-21051 Vulnerability (CVE-2024-21051)

WordPress Plugin FCChat Widget 'path' Parameter Cross-Site Scripting (2.1.7)

WordPress Plugin Postie 'From' Field Cross-Site Scripting (1.4.3)

Microsoft SQL Server CVE-2023-23384 Vulnerability (CVE-2023-23384)

Severity

High

Classification

CVE-2021-27358 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities