CVE-2024-1313 | Grafana up to 9.5.17/10.0.12/10.1.8/10.2.5/10.3.4 Delete Request /api/snapshots/ authorization

Inserito da Angelo Barbosa | Mar 26, 2024 | CVE

A vulnerability has been found in Grafana up to 9.5.17/10.0.12/10.1.8/10.2.5/10.3.4 and classified as problematic. This vulnerability affects unknown code of the file /api/snapshots/ of the component Delete Request Handler. The manipulation leads to authorization bypass.

This vulnerability was named CVE-2024-1313. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-1313 | Grafana up to 9.5.17/10.0.12/10.1.8/10.2.5/10.3.4 Delete Request /api/snapshots/ authorization

Post correlati

CVE-2024-35207 | Siemens SINEC Traffic Analyzer up to 1.1 Web Interface cross-site request forgery (ssa-196737)

CVE-2024-25600 | Bricks Plugin up to 1.9.6 on WordPress improper authentication

CVE-2024-7158 | TOTOLINK A3100R 4.1.2cu.5050_B20200504 HTTP POST Request /cgi-bin/cstecgi.cgi setTelnetCfg telnet_enabled command injection

CVE-2024-37488 | HelloAsso Plugin up to 1.1.9 on WordPress cross site scripting