Description
Grafana has an authentication bypass vulnerability. An attacker can view without authentication the Grafana's snapshot associated with the lowest database key .
Remediation
Upgrade to the latest version of Grafana
References
Related Vulnerabilities
Prototype Improper Privilege Management Vulnerability (CVE-2020-7993)
Moodle Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-1755)
WordPress Plugin WP Human Resource Management Security Bypass (2.2.14)
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9518)