Lucene search
GoogleOSV:CVE-2020-12459HistoryApr 29, 2020 - 4:15 p.m.
CVE-2020-12459
2020-04-2916:15:11
Google
osv.dev
3
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.
References
access.redhat.com/security/cve/CVE-2020-12459
bugzilla.redhat.com/show_bug.cgi?id=1829724
github.com/grafana/grafana/issues/8283
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/
security.netapp.com/advisory/ntap-20200518-0004/
src.fedoraproject.org/rpms/grafana/c/fab93d67363eb0a9678d9faf160cc88237f26277
Related
redhatcve
redhatcve
CVE-2020-12459
2020-04-30 08:11:18
osv
osv
Grafana world readable configuration files
2022-05-24 17:16:52
BIT-grafana-2020-12459
2024-03-06 11:01:12
Grafana world readable configuration files in github.com/grafana/grafana
2024-07-02 19:23:51
nvd
nvd
CVE-2020-12459
2020-04-29 16:15:11
cve
cve
CVE-2020-12459
2020-04-29 16:15:11
veracode
veracode
Information Disclosure
2020-06-03 04:17:51
cvelist
cvelist
CVE-2020-12459
2020-04-29 15:56:56
prion
prion
Design/Logic Flaw
2020-04-29 16:15:00
github
github
Grafana world readable configuration files
2022-05-24 17:16:52
openvas
openvas
Fedora: Security Advisory for grafana (FEDORA-2020-c6b0c7ebbb)
2020-05-15 00:00:00
Fedora: Security Advisory for grafana (FEDORA-2020-d109a1d1d9)
2020-05-15 00:00:00
Fedora: Security Advisory for grafana (FEDORA-2020-a09e5be0be)
2020-06-23 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: grafana-6.7.3-1.fc32
2020-05-14 02:36:58
[SECURITY] Fedora 31 Update: grafana-6.7.3-1.fc31
2020-05-14 02:29:55
[SECURITY] Fedora 32 Update: grafana-6.7.4-1.fc32
2020-06-16 01:31:15
nessus
nessus
Fedora 31 : grafana (2020-d109a1d1d9)
2020-05-14 00:00:00
RHEL 7 / 8 : Red Hat OpenShift Service Mesh (RHSA-2020:2362)
2020-06-03 00:00:00
CentOS 8 : grafana (CESA-2020:4682)
2021-02-01 00:00:00
redhat
redhat
(RHSA-2020:2362) Moderate: Red Hat OpenShift Service Mesh security update
2020-06-02 15:21:32
(RHSA-2020:4682) Moderate: grafana security, bug fix, and enhancement update
2020-11-03 12:26:41
almalinux
almalinux
Moderate: grafana security, bug fix, and enhancement update
2020-11-03 12:26:41
oraclelinux
oraclelinux
grafana security, bug fix, and enhancement update
2020-11-10 00:00:00