cve/2019/CVE-2019-19499.md

### [CVE-2019-19499](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19499)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/0day404/vulnerability-poc
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ArrestX/--POC
- https://github.com/KayCHENvip/vulnerability-poc
- https://github.com/Miraitowa70/POC-Notes
- https://github.com/Threekiii/Awesome-POC
- https://github.com/alphaSeclab/sec-daily-2020
- https://github.com/d4n-sec/d4n-sec.github.io
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2019-19499](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19499)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/0day404/vulnerability-poc`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/ArrestX/--POC`
			`- https://github.com/KayCHENvip/vulnerability-poc`
			`- https://github.com/Miraitowa70/POC-Notes`
			`- https://github.com/Threekiii/Awesome-POC`
			`- https://github.com/alphaSeclab/sec-daily-2020`
			`- https://github.com/d4n-sec/d4n-sec.github.io`