Showing 1 - 3 of 3

CVE-2022-39229

Status Candidate

Overview

Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to 9.1.8 and 8.5.14 allow one user to block another user's login attempt by registering someone else'e email address as a username. A Grafana user’s username and email address are unique fields, that means no other user can have the same username or email address as another user. A user can have an email address as a username. However, the login system allows users to log in with either username or email address. Since Grafana allows a user to log in with either their username or email address, this creates an usual behavior where `user_1` can register with one email address and `user_2` can register their username as `user_1`’s email address. This prevents `user_1` logging into the application since `user_1`'s password won’t match with `user_2`'s email address. Versions 9.1.8 and 8.5.14 contain a patch. There are no workarounds for this issue.

Related Files

Red Hat Security Advisory 2023-3645-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3645-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. This advisory covers the RPM packages for the release. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2021-20329, CVE-2021-43138, CVE-2022-24999, CVE-2022-25858, CVE-2022-27664, CVE-2022-2880, CVE-2022-36227, CVE-2022-39229, CVE-2022-41715, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0361; SHA-256 | 3023d0e9a727cd7cb6e6e20ebd2258d11d98d83016ff62bc73e6192f91c39a04; Download | Favorite | View

Red Hat Security Advisory 2023-2784-01: Posted May 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-2784-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-27664, CVE-2022-2880, CVE-2022-39229, CVE-2022-41715; SHA-256 | a8f1ab5599e8950135e32e3d9ef7dd35bdbe09883bc89e41cd92d903d492aea3; Download | Favorite | View

Red Hat Security Advisory 2023-2167-01: Posted May 9, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-2167-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-27664, CVE-2022-2880, CVE-2022-35957, CVE-2022-39229, CVE-2022-41715; SHA-256 | 2ed45855838590ec2be67d292e8c06e401e9b8bc47f6530cf4ea451cd0b8dbe3; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 213 files
indoushka 118 files
Ubuntu 88 files
Gentoo 33 files
Debian 25 files
Jasper Nota 25 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,107)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,890)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,615)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,777)
UNIX (9,440)
UnixWare (187)
Windows (6,676)
Other

CVE-2022-39229

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems