Vulnerabilities > Grafana > Grafana > 7.1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-15 | CVE-2022-31107 | Incorrect Authorization vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. | 7.5 |
2022-03-21 | CVE-2022-26148 | Cleartext Storage of Sensitive Information vulnerability in multiple products An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. | 7.5 |
2022-02-08 | CVE-2022-21703 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. | 8.8 |
2022-02-08 | CVE-2022-21713 | Authorization Bypass Through User-Controlled Key vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. | 4.3 |
2022-02-08 | CVE-2022-21702 | Cross-site Scripting vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. | 5.4 |
2021-12-10 | CVE-2021-43815 | Path Traversal vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 3.5 |
2021-12-10 | CVE-2021-43813 | Path Traversal vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 4.0 |
2021-10-05 | CVE-2021-39226 | Improper Authentication vulnerability in multiple products Grafana is an open source data visualization platform. | 7.3 |
2021-03-22 | CVE-2021-28148 | Missing Authentication for Critical Function vulnerability in Grafana One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. | 5.0 |
2021-03-22 | CVE-2021-28147 | Unspecified vulnerability in Grafana The team sync HTTP API in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 has an Incorrect Access Control issue. network grafana | 3.5 |