Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the characters in the request address.
History

Tue, 03 Dec 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GRAFANA

Published: 2023-10-17T07:09:03.015Z

Updated: 2024-12-03T14:42:21.688Z

Reserved: 2023-08-17T10:06:35.187Z

Link: CVE-2023-4399

cve-icon Vulnrichment

Updated: 2024-08-02T07:24:04.622Z

cve-icon NVD

Status : Modified

Published: 2023-10-17T08:15:09.553

Modified: 2024-11-21T08:35:03.993

Link: CVE-2023-4399

cve-icon Redhat

No data.