Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. This allows any unauthenticated user to send an unlimited number of requests to the endpoint, leading to a denial of service (DoS) attack against a Grafana Enterprise instance.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Grafana 访问控制错误漏洞
Vulnerability Description
Grafana是Grafana实验室的一套提供可视化监控界面的开源监控工具。该工具主要用于监控和分析Graphite、InfluxDB和Prometheus等。 Grafana 存在访问控制错误漏洞,该漏洞源于任何未经身份验证的用户都可以使用观察的HTTP API端点向该端点发送无限数量的请求,从而导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A