CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
43.5%
A vulnerability in the Google Sheets data source of the Grafana monitoring and surveillance platform is related to the failure to
handling error messages properly, potentially exposing the Google Sheet API key.
Exploitation of the vulnerability could allow an attacker acting remotely to gain access to the
sensitive data
A vulnerability in the Trace View pane of the Grafana web-based data presentation tool is related to insufficient protection of the web page structure when processing Google Sheet API key.
protection of the web page structure when processing attribute values and range resources. Exploitation
exploitation of the vulnerability could allow a remote attacker to escalate privileges and perform a cross-site scripted attack.
cross-site scripting attacks
A vulnerability in the Grafana web-based data submission tool is related to a lack of service data protection.
Exploitation of the vulnerability could allow a remote attacker to gain access to the session of the current user
current user