Grafana is an open-source platform for monitoring and observability.
In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts.
However, the restriction can be bypassed used punycode encoding of the characters in the request address.
Metrics
Affected Vendors & Products
References
History
Tue, 03 Dec 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: GRAFANA
Published: 2023-10-17T07:09:03.015Z
Updated: 2024-12-03T14:42:21.688Z
Reserved: 2023-08-17T10:06:35.187Z
Link: CVE-2023-4399
Vulnrichment
Updated: 2024-08-02T07:24:04.622Z
NVD
Status : Modified
Published: 2023-10-17T08:15:09.553
Modified: 2024-11-21T08:35:03.993
Link: CVE-2023-4399
Redhat
No data.