[ASA-202112-11] grafana: directory traversal
diabonas at archlinux.org
Sun Dec 12 21:11:47 UTC 2021
Arch Linux Security Advisory ASA-202112-11
Date : 2021-12-11
CVE-ID : CVE-2021-43798 CVE-2021-43813 CVE-2021-43815
Package : grafana
Type : directory traversal
Remote : Yes
Link : https://security.archlinux.org/AVG-2609
The package grafana before version 8.3.1-1 is vulnerable to directory
Upgrade to 8.3.1-1.
# pacman -Syu "grafana>=8.3.1-1"
The problems have been fixed upstream in version 8.3.1.
- CVE-2021-43798 (directory traversal)
Grafana 8 before version 8.3.1 is vulnerable to directory traversal,
allowing access to local files. The vulnerable URL path is
<grafana_host_url>/public/plugins/<"plugin-id">, where <"plugin-id"> is
the plugin ID for any installed plugin.
- CVE-2021-43813 (directory traversal)
A security issue has been found in Grafana before version 8.3.2 through
which authenticated users could read out fully lowercase or fully
uppercase .md files through directory traversal. The vulnerable URL
path is: /api/plugins/.*/markdown/.* for .md files.
- CVE-2021-43815 (directory traversal)
A security issue has been found in Grafana 8 before version 8.3.2
through which authenticated users could read out arbitrary .csv files
through directory traversal. The vulnerable URL path is: /api/ds/query.
A remote attacker could access arbitrary local files on the server
through directory traversal.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the arch-security