Security News > 2024 > December > Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online
2024-12-12 14:24
Cybersecurity researchers are warning that thousands of servers hosting the Prometheus monitoring and alerting toolkit are at risk of information leakage and exposure to denial-of-service (DoS) as well as remote code execution (RCE) attacks. "Prometheus servers or exporters, often lacking proper authentication, allowed attackers to easily gather sensitive information, such as credentials and API
News URL
https://thehackernews.com/2024/12/296000-prometheus-instances-exposed.html
Related vendor
VENDOR | LAST 12M | #/PRODUCTS | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
---|---|---|---|---|---|---|---|
Prometheus | 5 | 0 | 4 | 3 | 0 | 7 |