Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-15043 PoC — Grafana 访问控制错误漏洞

Source
https://github.com/h0ffayyy/CVE-2019-15043
Associated Vulnerability
Title:Grafana 访问控制错误漏洞 (CVE-2019-15043)
Description:Grafana是Grafana实验室的一套提供可视化监控界面的开源监控工具。该工具主要用于监控和分析Graphite、InfluxDB和Prometheus等。 Grafana 2.x至6.x版本(6.34版本已修复)中存在安全漏洞。攻击者可利用该漏洞导致拒绝服务。
Description
POC scanner for the Grafana vulnerability CVE-2019-15043
Readme
# CVE-2019-15043 POC

## Description

Proof of concept scan to check if a Grafana server is vulnerable to CVE-2019-15043. Checks the Grafana server version number and checks to see if the snapshot API allows for unauthenticated requests. 

### CVE-2019-15043

CVE-2019-15043 is a Denial-of-service vulnerability found in the Grafana snapshots API. 

This vulnerability was fixed in versions 5.4.5 and 6.3.4.

## Requirements

Only needs the requests library.

Install with `pip3 install requests`

## Usage

```
$ ./cve-2019-15043.py -h
usage: cve-2019-15043.py [-h] [-u URL] [-c]

For checking if a Grafana instance is vunlerable to CVE-2019-15043

optional arguments:
  -h, --help           show this help message and exit
  -u URL, --url URL    URL of the target Grafana instance e.g. '-u
                       https://localhost:3000'
  -c, --check-version  Only check the Grafana versio
```

## Example Output

Checking only version number:
```
$ ./cve-2019-15043.py -u http://192.168.3.38:3000 -c
[-] Testing http://192.168.3.38:3000...
[-] Status: 200
[-] Checking for version...
[-] Grafana version appears to be: 6.3.3
[+] Version seems to indicate it might be vulnerable!
```

```
$ ./cve-2019-15043.py -u http://192.168.3.38:3000 -c
[-] Testing http://192.168.3.38:3000...
[-] Status: 200
[-] Checking for version...
[-] Grafana version appears to be: 6.3.4
[!] Version seems to indicate it's probably not vulnerable.
```

Checking if snapshot API requires authentication:
```
$ ./cve-2019-15043.py -u http://192.168.3.38:3000
[-] Testing http://192.168.3.38:3000...
[-] Status: 200
[-] Checking for version...
[-] Grafana version appears to be: 6.3.3
[+] Version seems to indicate it might be vulnerable!
[-] Checking if snapshot api requires authentiation...
[+] Snapshot endpoint doesn't seem to require authentication! Host may be vulnerable.
```

```
./cve-2019-15043.py -u http://192.168.3.38:3000
[-] Testing http://192.168.3.38:3000...
[-] Status: 200
[-] Checking for version...
[-] Grafana version appears to be: 6.3.4
[!] Version seems to indicate it's probably not vulnerable.
[-] Checking if snapshot api requires authentiation...
[!] Status: 401
[!] Snapshot endpoint requires authentication! Host not vulnerable.
```

## References
* https://grafana.com/blog/2019/08/29/grafana-5.4.5-and-6.3.4-released-with-important-security-fix/
* https://bugzilla.redhat.com/show_bug.cgi?id=1746945
File Snapshot

 [4.0K]  /data/pocs/3fd8ab63f194cdf95cc7a7e07f68a1b17fc37098
├── [3.9K]  cve-2019-15043.py
├── [1.0K]  LICENSE
├── [2.4K]  README.md
└── [  78]  requirements.txt

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.