Lucene search
PRIOn knowledge basePRION:CVE-2020-12458HistoryApr 29, 2020 - 4:15 p.m.
Information disclosure
2020-04-2916:15:00
PRIOn knowledge base
www.prio-n.com
5
An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords).
| CPE | Name | Operator | Version |
|---|---|---|---|
| fedora | eq | 31 | |
| fedora | eq | 32 | |
| grafana | le | 6.7.3 | |
| ceph_storage | eq | 3.0 | |
| ceph_storage | eq | 4.0 | |
| enterprise_linux | eq | 8.0 |
References
access.redhat.com/security/cve/CVE-2020-12458
bugzilla.redhat.com/show_bug.cgi?id=1827765
github.com/grafana/grafana/issues/8283
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/
security.netapp.com/advisory/ntap-20200518-0001/
Related
osv
osv
CVE-2020-12458
2020-04-29 16:15:11
Grafana information disclosure
2022-05-24 17:16:53
Grafana information disclosure in github.com/grafana/grafana
2024-06-28 15:28:53
github
github
Grafana information disclosure
2022-05-24 17:16:53
ubuntucve
ubuntucve
CVE-2020-12458
2020-04-29 00:00:00
cve
cve
CVE-2020-12458
2020-04-29 16:15:11
veracode
veracode
Information Disclosure
2020-11-05 03:17:53
altlinux
altlinux
Security fix for the ALT Linux 9 package grafana version 6.7.3-alt1
2020-05-15 00:00:00
Security fix for the ALT Linux 10 package grafana version 6.7.3-alt1
2020-05-15 00:00:00
cvelist
cvelist
CVE-2020-12458
2020-04-29 15:57:05
nvd
nvd
CVE-2020-12458
2020-04-29 16:15:11
redhatcve
redhatcve
CVE-2020-12458
2020-04-30 08:11:18
openvas
openvas
Fedora: Security Advisory for grafana (FEDORA-2020-c6b0c7ebbb)
2020-05-15 00:00:00
Fedora: Security Advisory for grafana (FEDORA-2020-d109a1d1d9)
2020-05-15 00:00:00
Fedora: Security Advisory for grafana (FEDORA-2020-a09e5be0be)
2020-06-23 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: grafana-6.7.3-1.fc32
2020-05-14 02:36:58
[SECURITY] Fedora 31 Update: grafana-6.7.3-1.fc31
2020-05-14 02:29:55
[SECURITY] Fedora 32 Update: grafana-6.7.4-1.fc32
2020-06-16 01:31:15
nessus
nessus
Fedora 31 : grafana (2020-d109a1d1d9)
2020-05-14 00:00:00
RHEL 8 : grafana (RHSA-2020:4682)
2020-11-04 00:00:00
CentOS 8 : grafana (CESA-2020:4682)
2021-02-01 00:00:00
almalinux
almalinux
Moderate: grafana security, bug fix, and enhancement update
2020-11-03 12:26:41
redhat
redhat
(RHSA-2020:4682) Moderate: grafana security, bug fix, and enhancement update
2020-11-03 12:26:41
oraclelinux
oraclelinux
grafana security, bug fix, and enhancement update
2020-11-10 00:00:00