Update prometheus-flags-endpoint.yaml
parent
2893847959
commit
1d70ac6ccb
|
@ -1,9 +1,9 @@
|
||||||
id: prometheus-flags-endpoint
|
id: prometheus-flags-endpoint
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: Exposure of sensitive operational information via Prometheus flags API endpoint
|
name: Prometheus flags API endpoint
|
||||||
author: geeknik
|
author: geeknik
|
||||||
severity: medium
|
severity: info
|
||||||
description: The flags endpoint provides a full path to the configuration file. If the file is stored in the home directory, it may leak a username.
|
description: The flags endpoint provides a full path to the configuration file. If the file is stored in the home directory, it may leak a username.
|
||||||
reference: https://jfrog.com/blog/dont-let-prometheus-steal-your-fire/
|
reference: https://jfrog.com/blog/dont-let-prometheus-steal-your-fire/
|
||||||
tags: prometheus,exposure
|
tags: prometheus,exposure
|
||||||
|
|
Loading…
Reference in New Issue