Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-12459

Disclosure Date: April 29, 2020 (last updated November 08, 2023)
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0