Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2023-4399

Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the characters in the request address.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.7%
CVSS Severity
CVSS v3 Score 6.6
Products affected by CVE-2023-4399
  • Grafana » Grafana » Version: 10.0.0
    cpe:2.3:a:grafana:grafana:10.0.0
  • Grafana » Grafana » Version: 10.0.7
    cpe:2.3:a:grafana:grafana:10.0.7
  • Grafana » Grafana » Version: 10.1.0
    cpe:2.3:a:grafana:grafana:10.1.0
  • Grafana » Grafana » Version: 10.1.3
    cpe:2.3:a:grafana:grafana:10.1.3
  • Grafana » Grafana » Version: 9.4.0
    cpe:2.3:a:grafana:grafana:9.4.0
  • Grafana » Grafana » Version: 9.4.16
    cpe:2.3:a:grafana:grafana:9.4.16
  • Grafana » Grafana » Version: 9.5.0
    cpe:2.3:a:grafana:grafana:9.5.0
  • Grafana » Grafana » Version: 9.5.11
    cpe:2.3:a:grafana:grafana:9.5.11


Products
Pricing
Contact Us

Shodan ® - All rights reserved