vulnerability

CentOS Linux: CVE-2018-18624: Moderate: grafana security, bug fix, and enhancement update (CESA-2020:4682)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Jun 2, 2020	Nov 5, 2020	May 25, 2023

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Jun 2, 2020

Added

Nov 5, 2020

Modified

May 25, 2023

Description

Grafana 5.3.1 has XSS via a column style on the "Dashboard > Table Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.

Solution(s)

centos-upgrade-grafanacentos-upgrade-grafana-azure-monitorcentos-upgrade-grafana-cloudwatchcentos-upgrade-grafana-debuginfocentos-upgrade-grafana-elasticsearchcentos-upgrade-grafana-graphitecentos-upgrade-grafana-influxdbcentos-upgrade-grafana-lokicentos-upgrade-grafana-mssqlcentos-upgrade-grafana-mysqlcentos-upgrade-grafana-opentsdbcentos-upgrade-grafana-postgrescentos-upgrade-grafana-prometheuscentos-upgrade-grafana-stackdriver

References

NVD-CVE-2018-18624

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today