Vulnerabilities > Grafana > Grafana > 1.3.0

DATE CVE VULNERABILITY TITLE RISK
2023-01-27 CVE-2022-39324 Cross-site Scripting vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana CWE-79
3.5
3.5
2022-11-09 CVE-2022-39307 Information Exposure Through an Error Message vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana CWE-209
5.3
5.3
2022-10-13 CVE-2022-31130 Insufficiently Protected Credentials vulnerability in Grafana
Grafana is an open source observability and data visualization platform.
network
low complexity
grafana CWE-522
7.5
7.5
2022-10-13 CVE-2022-39229 Improper Authentication vulnerability in Grafana
Grafana is an open source data visualization platform for metrics, logs, and traces.
network
low complexity
grafana CWE-287
4.3
4.3
2022-09-22 CVE-2022-36062 Improper Preservation of Permissions vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana CWE-281
3.8
3.8
2022-09-20 CVE-2022-35957 Authentication Bypass by Spoofing vulnerability in multiple products
Grafana is an open-source platform for monitoring and observability.
network
high complexity
grafana fedoraproject CWE-290
6.6
6.6
2022-05-20 CVE-2022-28660 Missing Authentication for Critical Function vulnerability in Grafana 1.1.0/1.2.0/1.3.0
The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require authentication when X-Scope-OrgID is used.
network
low complexity
grafana CWE-306
critical
 9.8
9.8
2022-03-21 CVE-2022-26148 Cleartext Storage of Sensitive Information vulnerability in multiple products
An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix.
network
low complexity
grafana redhat CWE-312
7.5
7.5
2021-12-10 CVE-2021-43815 Path Traversal vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
grafana CWE-22
3.5
3.5
2021-10-05 CVE-2021-39226 Improper Authentication vulnerability in multiple products
Grafana is an open source data visualization platform.
network
low complexity
grafana fedoraproject CWE-287
7.3
7.3