Description
Due to a vulnerability in Grafana, an attacker can use it to perform a path traversal attack and access sensitive information on the server, which may lead to a takeover of the server.
Remediation
Upgrade to the latest version of Grafana
References
Related Vulnerabilities
Unrestricted access to Kong Gateway API
MinIO Information Disclosure (CVE-2023-28432)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-25703)
SharePoint Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-1892)
Oracle JRE Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10356)