Vulnerabilities > Grafana > High

DATE CVE VULNERABILITY TITLE RISK
2022-10-13 CVE-2022-39201 Unspecified vulnerability in Grafana
Grafana is an open source observability and data visualization platform.
network
low complexity
grafana
7.5
2022-10-13 CVE-2022-31123 Improper Verification of Cryptographic Signature vulnerability in multiple products
Grafana is an open source observability and data visualization platform.
local
low complexity
grafana netapp CWE-347
7.8
2022-09-02 CVE-2022-31176 Missing Authentication for Critical Function vulnerability in Grafana Grafana-Image-Renderer
Grafana Image Renderer is a Grafana backend plugin that handles rendering of panels & dashboards to PNGs using a headless browser (Chromium/Chrome).
network
low complexity
grafana CWE-306
8.1
2022-07-15 CVE-2022-31107 Incorrect Authorization vulnerability in multiple products
Grafana is an open-source platform for monitoring and observability.
network
high complexity
grafana netapp CWE-863
7.5
2022-07-15 CVE-2022-31097 Cross-site Scripting vulnerability in multiple products
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana netapp CWE-79
8.7
2022-06-17 CVE-2022-32276 Improper Authentication vulnerability in Grafana 8.4.3
Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI.
network
low complexity
grafana CWE-287
7.5
2022-06-06 CVE-2022-32275 Path Traversal vulnerability in Grafana 8.4.3
Grafana 8.4.3 allows reading files via (for example) a /dashboard/snapshot/%7B%7Bconstructor.constructor'/..
network
low complexity
grafana CWE-22
7.5
2022-05-20 CVE-2022-29170 Open Redirect vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana CWE-601
8.5
2022-03-21 CVE-2022-26148 Cleartext Storage of Sensitive Information vulnerability in multiple products
An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix.
network
low complexity
grafana redhat CWE-312
7.5
2022-02-08 CVE-2022-21703 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana netapp fedoraproject CWE-352
8.8