
CVE-2019-15043

Published: 03/09/2019 Updated: 28/07/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

In Grafana 2.x up to and including 6.x prior to 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.

Affected Products

Vendor: Grafana
Product: Grafana
Versions: 2.0.0, 2.0.1, 2.0.2, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.5.0, 2.6.0, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.1.0, 3.1.1, 4.0.0, 4.0.1, 4.0.2, 4.1.0, 4.1.1, 4.1.2, 4.2.0, 4.3.0, 4.3.1, 4.3.2, 4.4.0, 4.4.1, 4.4.2, 4.4.3, 4.5.0, 4.5.1, 4.5.2, 4.6.0, 4.6.1, 4.6.2, 4.6.3, 4.6.4, 4.6.5, 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.1.0, 5.1.1, 5.1.2, 5.1.3, 5.1.4, 5.1.5, 5.2.0, 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.5, 5.3.0, 5.3.1, 5.3.2, 5.3.3, 5.3.4, 5.4.0, 5.4.1, 5.4.2, 5.4.3, 5.4.4, 6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 6.1.6, 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.3.0, 6.3.1, 6.3.2, 6.3.3

Vendor Advisories

Red Hat: Synopsis: Moderate: grafana security, bug fix, and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Sy ...

Arch Linux Security Advisory ASA-201908-21. Severity: Medium. Date: 2019-08-30. CVE-ID: CVE-2019-15043. Package: grafana. Type: denial of service. Remote: Yes. Link: security.archlinux.org/AVG-1034. Summary: The package grafana before version 6.3.4-1 is vulnerable to denial of se ...

Grafana: This vulnerability allows any unauthenticated user/client to access the Grafana snapshot HTTP API and create a denial of service attack by posting large amounts of dashboard snapshot payloads to the /api/snapshots HTTP API endpoint ...

Github Repositories

Repository h0ffayyy/CVE-2019-15043 (files: LICENSE, README.md, cve-2019-15043.py, requirements.txt). README.md:

CVE-2019-15043 POC

Description
Proof of concept scan to check if a Grafana server is vulnerable to CVE-2019-15043. Checks the Grafana server version number and checks to see if the snapshot API allows for unauthenticated requests.

CVE-2019-15043
CVE-2019-15043 is a denial-of-service vulnerability found in the Grafana snapshots API. This vulnerability was fixed in versions 5.4.5 and 6.3.4.

Requirements
Only needs the requests library. Install with: pip3 install requests

Usage
$ ./cve-2019-15043.py -h
usage: cve-2019-15043.py [-h] [-u URL] [-c]

For checking if a Grafana instance is vunlerable to CVE-2019-15043

optional arguments:
  -h, --help           show this help message and exit
  -u URL, --url URL    URL of the target Grafana instance e.g. '-u https://localhost:3000'
  -c, --check-version  Only check the Grafana versio

Example Output

Checking only version number:
$ ./cve-2019-15043.py -u http://192.168.3.38:3000 -c
[-] Testing http://192.168.3.38:3000...
[-] Status: 200
[-] Checking for version...
[-] Grafana version appears to be: 6.3.3
[+] Version seems to indicate it might be vulnerable!

$ ./cve-2019-15043.py -u http://192.168.3.38:3000 -c
[-] Testing http://192.168.3.38:3000...
[-] Status: 200
[-] Checking for version...
[-] Grafana version appears to be: 6.3.4
[!] Version seems to indicate it's probably not vulnerable.

Checking if snapshot API requires authentication:
$ ./cve-2019-15043.py -u http://192.168.3.38:3000
[-] Testing http://192.168.3.38:3000...
[-] Status: 200
[-] Checking for version...
[-] Grafana version appears to be: 6.3.3
[+] Version seems to indicate it might be vulnerable!
[-] Checking if snapshot api requires authentiation...
[+] Snapshot endpoint doesn't seem to require authentication! Host may be vulnerable.

$ ./cve-2019-15043.py -u http://192.168.3.38:3000
[-] Testing http://192.168.3.38:3000...
[-] Status: 200
[-] Checking for version...
[-] Grafana version appears to be: 6.3.4
[!] Version seems to indicate it's probably not vulnerable.
[-] Checking if snapshot api requires authentiation...
[!] Status: 401
[!] Snapshot endpoint requires authentication! Host not vulnerable.

References
https://grafana.com/blog/2019/08/29/grafana-5.4.5-and-6.3.4-released-with-important-security-fix/
https://bugzilla.redhat.com/show_bug.cgi?id=1746945
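As an added defender-side example that is not part of this record or of the h0ffayyy scanner, the following Python classifies a reported Grafana version against the affected range stated above (fixed in 5.4.5 and 6.3.4) and counts anonymous POSTs to /api/snapshots per client in Grafana request-log lines, the pattern the Grafana advisory describes. The router-log layout, the field names and the sample lines are constructed assumptions, not captured traffic.

```python
import re
from collections import Counter

# CVE-2019-15043: unauthenticated clients can flood the Grafana snapshot API.
# Affected per this record: 2.x up to 6.x before the fixed releases 5.4.5 and 6.3.4.
FIXED_5 = (5, 4, 5)
FIXED_6 = (6, 3, 4)

def parse_version(text):
    """Extract the first x.y.z version from a string such as 'Grafana v6.3.3'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError("no x.y.z version in %r" % text)
    return tuple(int(p) for p in m.groups())

def is_affected(text):
    """True when the version lies inside the affected range listed for this CVE."""
    v = parse_version(text)
    if v < (2, 0, 0) or v[0] > 6:
        return False
    if v[0] == 6:
        return v < FIXED_6
    if v[0] == 5:
        return v < FIXED_5
    return True  # every listed 2.x, 3.x and 4.x release is affected

# Assumed Grafana router-log layout (router_logging enabled); userId=0 means no login.
LOG_RE = re.compile(r"userId=(?P<uid>\d+).*?method=(?P<method>\w+) path=(?P<path>\S+).*?remote_addr=(?P<ip>\S+)")

def anonymous_snapshot_posts(lines):
    """Count POSTs to /api/snapshots made without a logged-in user, per client address."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.search(line)
        if m and m["uid"] == "0" and m["method"] == "POST" and m["path"] == "/api/snapshots":
            hits[m["ip"]] += 1
    return hits

def noisy_clients(lines, threshold=3):
    """Clients whose anonymous snapshot POSTs reach the threshold: candidates for an alert."""
    return sorted(ip for ip, n in anonymous_snapshot_posts(lines).items() if n >= threshold)

SAMPLE_LOG = [  # constructed sample lines, not real traffic
    'lvl=info msg="Request Completed" userId=0 orgId=0 uname= method=POST path=/api/snapshots status=200 remote_addr=10.0.0.5',
    'lvl=info msg="Request Completed" userId=1 orgId=1 uname=admin method=POST path=/api/snapshots status=200 remote_addr=10.0.0.9',
    'lvl=info msg="Request Completed" userId=0 orgId=0 uname= method=GET path=/api/health status=200 remote_addr=10.0.0.5',
    'lvl=info msg="Request Completed" userId=0 orgId=0 uname= method=POST path=/api/snapshots status=200 remote_addr=10.0.0.5',
    'lvl=info msg="Request Completed" userId=0 orgId=0 uname= method=POST path=/api/snapshots status=200 remote_addr=10.0.0.5',
]
```

On an affected version the durable fix is the upgrade; until then, the count per client is the signal to watch and the same field filter can feed a reverse-proxy rule that requires a session for POST /api/snapshots.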