In certain Red Hat packages for Grafana 6.x up to and including 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
grafana grafana |
||
fedoraproject fedora 31 |
||
fedoraproject fedora 32 |