Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2020-12458

An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords).

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugzilla.redha...
MISC: https://github.com/gra...
CONFIRM: https://access.redhat....
FEDORA: FEDORA-2020-c6b0c7ebbb
FEDORA: FEDORA-2020-d109a1d1d9
CONFIRM: https://security.netap...

Launchpad.net

CVE 2020-12458

Related bugs

References