CVE-2018-19039
Description
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
9.218
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2018-19039 are affected in GrafanaEnterprise 4.6.4 | Windows |
| Vulnerabilities CVE-2018-19039 are affected in GrafanaEnterprise 5.3.2 | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-335779 | GrafanaEnterprise (10.3.1) |
| PATCH-335779 | GrafanaEnterprise (10.3.1) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234