vulnerability
Red Hat: CVE-2019-15043: CVE-2019-15043 grafana: incorrect access control in snapshot HTTP API leads to denial of service (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Sep 3, 2019 | Apr 29, 2020 | Aug 11, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Sep 3, 2019
Added
Apr 29, 2020
Modified
Aug 11, 2025
Description
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.
Solutions
redhat-upgrade-grafanaredhat-upgrade-grafana-azure-monitorredhat-upgrade-grafana-cloudwatchredhat-upgrade-grafana-debuginforedhat-upgrade-grafana-elasticsearchredhat-upgrade-grafana-graphiteredhat-upgrade-grafana-influxdbredhat-upgrade-grafana-lokiredhat-upgrade-grafana-mssqlredhat-upgrade-grafana-mysqlredhat-upgrade-grafana-opentsdbredhat-upgrade-grafana-postgresredhat-upgrade-grafana-prometheusredhat-upgrade-grafana-stackdriver
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.