Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2020:2641
HistoryJun 22, 2020 - 6:50 a.m.

(RHSA-2020:2641) Important: grafana security update

2020-06-2206:50:20
access.redhat.com
49

0.717 High

EPSS

Percentile

98.1%

JSON

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.

Security Fix(es):

  • grafana: SSRF incorrect access control vulnerability allows unauthenticated users to make grafana send HTTP requests to any URL (CVE-2020-13379)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8x86_64grafana-graphite< 6.3.6-2.el8_2grafana-graphite-6.3.6-2.el8_2.x86_64.rpm
RedHat8ppc64legrafana-graphite< 6.3.6-2.el8_2grafana-graphite-6.3.6-2.el8_2.ppc64le.rpm
RedHat8x86_64grafana-postgres< 6.3.6-2.el8_2grafana-postgres-6.3.6-2.el8_2.x86_64.rpm
RedHat8ppc64legrafana-stackdriver< 6.3.6-2.el8_2grafana-stackdriver-6.3.6-2.el8_2.ppc64le.rpm
RedHat8s390xgrafana-mssql< 6.3.6-2.el8_2grafana-mssql-6.3.6-2.el8_2.s390x.rpm
RedHat8s390xgrafana-graphite< 6.3.6-2.el8_2grafana-graphite-6.3.6-2.el8_2.s390x.rpm
RedHat8s390xgrafana-loki< 6.3.6-2.el8_2grafana-loki-6.3.6-2.el8_2.s390x.rpm
RedHat8x86_64grafana-mssql< 6.3.6-2.el8_2grafana-mssql-6.3.6-2.el8_2.x86_64.rpm
RedHat8x86_64grafana-opentsdb< 6.3.6-2.el8_2grafana-opentsdb-6.3.6-2.el8_2.x86_64.rpm
RedHat8x86_64grafana< 6.3.6-2.el8_2grafana-6.3.6-2.el8_2.x86_64.rpm
Rows per page:
1-10 of 561

Related

nessus 14
cve 1
osv 3
packetstorm 1
avleonov 1
oraclelinux 3
redhat 7
zdt 1
prion 1
veracode 1
github 1
attackerkb 1
altlinux 2
openvas 6
alpinelinux 1
redhatcve 1
nvd 1
cvelist 1
ubuntucve 1
nuclei 1
exploitdb 1
suse 4
fedora 2
nessus
nessus
CentOS 8 : grafana (CESA-2020:2641)
2021-02-01 00:00:00
Oracle Linux 8 : grafana (ELSA-2020-2641)
2020-06-24 00:00:00
Fedora 31 : grafana (2020-e6e81a03d6)
2020-06-17 00:00:00
cve
cve
CVE-2020-13379
2020-06-03 19:15:10
osv
osv
BIT-grafana-2020-13379
2024-03-06 11:01:01
CVE-2020-13379
2020-06-03 19:15:10
Server Side Request Forgery in Grafana
2022-02-15 01:57:18
packetstorm
packetstorm
Grafana 7.0.1 Denial Of Service
2020-07-06 00:00:00
avleonov
avleonov
How to list, create, update and delete Grafana dashboards via API
2020-06-10 00:46:05
oraclelinux
oraclelinux
grafana security update
2020-06-22 00:00:00
grafana kubernetes-cni kubernetes-cni-plugins kubernetes kubernetes olcne security update
2020-06-12 00:00:00
grafana security, bug fix, and enhancement update
2020-11-10 00:00:00
redhat
redhat
(RHSA-2020:2676) Important: grafana security update
2020-06-23 12:35:52
(RHSA-2020:2792) Moderate: OpenShift Container Platform 4.4.11 grafana-container security update
2020-07-06 20:05:13
(RHSA-2020:5599) Important: web-admin-build security and bug fix update
2020-12-17 04:13:39
zdt
zdt
Grafana 7.0.1 - Denial of Service Exploit
2020-07-07 00:00:00
prion
prion
Design/Logic Flaw
2020-06-03 19:15:00
veracode
veracode
Server-Side Request Forgery (SSRF)
2020-06-04 04:20:58
github
github
Server Side Request Forgery in Grafana
2022-02-15 01:57:18
attackerkb
attackerkb
CVE-2020-13379
2020-06-03 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package grafana version 7.0.3-alt1
2020-06-04 00:00:00
Security fix for the ALT Linux 9 package grafana version 7.0.3-alt1
2020-06-04 00:00:00
openvas
openvas
Grafana 3.0.1 < 6.7.4, 7.0 < 7.0.2 SSRF Vulnerability
2020-06-08 00:00:00
Fedora: Security Advisory for grafana (FEDORA-2020-a09e5be0be)
2020-06-23 00:00:00
openSUSE: Security Advisory for grafana, (openSUSE-SU-2020:0892-1)
2020-06-29 00:00:00
alpinelinux
alpinelinux
CVE-2020-13379
2020-06-03 19:15:10
redhatcve
redhatcve
CVE-2020-13379
2020-06-03 17:21:50
nvd
nvd
CVE-2020-13379
2020-06-03 19:15:10
cvelist
cvelist
CVE-2020-13379
2020-06-03 18:41:09
ubuntucve
ubuntucve
CVE-2020-13379
2020-06-03 00:00:00
nuclei
nuclei
Grafana 3.0.1-7.0.1 - Server-Side Request Forgery
2022-12-08 00:39:09
exploitdb
exploitdb
Grafana 7.0.1 - Denial of Service (PoC)
2020-07-06 00:00:00
suse
suse
Security update for grafana (moderate)
2020-10-10 00:00:00
Security update for grafana, grafana-piechart-panel, grafana-status-panel (moderate)
2020-06-28 00:00:00
Security update for SUSE Manager Client Tools (moderate)
2020-07-27 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: grafana-6.7.4-1.fc32
2020-06-16 01:31:15
[SECURITY] Fedora 31 Update: grafana-6.7.4-1.fc31
2020-06-15 02:07:15

0.717 High

EPSS

Percentile

98.1%

JSON
Related for RHSA-2020:2641
nessus14cve1osv3packetstorm1avleonov1oraclelinux3redhat7zdt1prion1veracode1github1attackerkb1altlinux2openvas6alpinelinux1redhatcve1nvd1cvelist1ubuntucve1nuclei1exploitdb1suse4fedora2