mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
CVE-2020-13379
Description
The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF (Incorrect Access Control) issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return the result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used to cause a denial of service by crashing Grafana with a segfault.
POC
Reference
- http://packetstormsecurity.com/files/158320/Grafana-7.0.1-Denial-Of-Service.html
- https://community.grafana.com/t/release-notes-v6-7-x/27119
- https://community.grafana.com/t/release-notes-v7-0-x/29381
- https://mostwanted002.cf/post/grafanados/
Github
- https://github.com/3th1c4l-t0n1/awesome-csirt
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/MustafaSky/Guide-to-SSRF
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Spacial/awesome-csirt
- https://github.com/The-Cracker-Technology/jaeles
- https://github.com/alphaSeclab/sec-daily-2020
- https://github.com/assetnote/blind-ssrf-chains
- https://github.com/b1n4ryx/oscp-cheatsheet
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/dalersinghmti/SSRF
- https://github.com/gkhan496/WDIR
- https://github.com/jaeles-project/jaeles
- https://github.com/jaeles-project/jaeles-signatures
- https://github.com/webexplo1t/Jaeles