Description
Due to a vulnerability in Grafana, an attacker can use it to perform a path traversal attack and access sensitive information on the server, which may lead to a takeover of the server.
Remediation
Upgrade to the latest version of Grafana
References
Related Vulnerabilities
WordPress Plugin BuddyPress Information Disclosure (5.1.1)
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12167)
WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.9)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1643)