Lucene search
PRIOn knowledge basePRION:CVE-2018-19039HistoryDec 13, 2018 - 7:29 p.m.
Code injection
2018-12-1319:29:00
PRIOn knowledge base
www.prio-n.com
3
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
| CPE | Name | Operator | Version |
|---|---|---|---|
| grafana | lt | 4.6.5 | |
| grafana | ge | 5.0.0 | |
| grafana | lt | 5.3.3 | |
| ceph_storage | eq | 3.0 | |
| enterprise_linux_desktop | eq | 7.0 | |
| enterprise_linux_server | eq | 7.0 | |
| enterprise_linux_workstation | eq | 7.0 |
References
lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html
www.securityfocus.com/bid/105994
access.redhat.com/errata/RHSA-2019:0747
access.redhat.com/errata/RHSA-2019:0911
community.grafana.com/t/grafana-5-3-3-and-4-6-5-security-update/11961
security.netapp.com/advisory/ntap-20190416-0004/
www.percona.com/blog/2018/11/20/how-cve-2018-19039-affects-percona-monitoring-and-management/
Related
redhat
redhat
cve
cve
CVE-2018-19039
2018-12-13 19:29:00
checkpoint_advisories
checkpoint_advisories
Grafana Labs Arbitrary File Read (CVE-2018-19039)
2019-11-25 00:00:00
ubuntucve
ubuntucve
CVE-2018-19039
2018-12-13 00:00:00
redhatcve
redhatcve
CVE-2018-19039
2020-04-09 07:07:39
openvas
openvas
Grafana 4.1.0 < 4.6.5, 5.0 < 5.3.3 Information Disclosure Vulnerability
2019-07-01 00:00:00
veracode
veracode
Information Disclosure
2018-11-16 06:51:28
osv
osv
CVE-2018-19039
2018-12-13 19:29:00
cvelist
cvelist
CVE-2018-19039
2018-12-13 19:00:00
nvd
nvd
CVE-2018-19039
2018-12-13 19:29:00
nessus
nessus
RHEL 7 : Red Hat Ceph Storage 3.2 (RHSA-2019:0911)
2019-05-13 00:00:00
RHEL 7 : Red Hat Ceph Storage 2.5 (RHSA-2019:0747)
2019-04-12 00:00:00
archlinux
archlinux
[ASA-201811-15] grafana: arbitrary filesystem access
2018-11-15 00:00:00
suse
suse
Security update for grafana (moderate)
2020-10-04 00:00:00