CVE-2022-23498|Grafana is an open-source platform... - VULHUB开源网络安全威胁库

Grafana is an open-source platform... CVE-2022-23498

- AV AC AU C I A

发布： 2023-02-03

修订： 2024-11-21

CWE-200
CVE
denialofservice
vulnerability
xss

Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including `grafana_session`. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the vulnerability you can disable datasource query caching for all datasources. This issue has been patched in versions 9.2.10 and 9.3.4.

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有4条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

VULHUB ™

Grafana is an open-source platform... CVE-2022-23498

漏洞利用/PoC

受影响的平台与产品

贡献用户

相关漏洞清单