daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2019-15043.yaml

patch-1
Dhiyaneshwaran 2022-12-08 10:54:11 +05:30 committed by GitHub
parent d38ddd1804
commit 5f76e712a6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
cves/2019/CVE-2019-15043.yaml
View File

@ -4,7 +4,8 @@ info:
name: Grafana 2.0.0 <= 6.3.3 Incorrect Access Control Vulnerability
author: Joshua Rogers
severity: high
description: Grafana is an open-source platform for monitoring and observability. In affected versions an attacker is able to delete and create arbitrary snapshots, leading to denial of service.
description: |
Grafana is an open-source platform for monitoring and observability. In affected versions an attacker is able to delete and create arbitrary snapshots, leading to denial of service.
reference:
- https://community.grafana.com/t/grafana-5-4-5-and-6-3-4-security-update/20569
- https://grafana.com/blog/2019/08/29/grafana-5.4.5-and-6.3.4-released-with-important-security-fix/
@ -25,15 +26,14 @@ requests:
path:
- "{{BaseURL}}/api/snapshots"
skip-variables-check: true
matchers-condition: and
matchers:
- type: status
status:
- 415
- type: word
words:
- "Content-Type"
- "ContentTypeError"
condition: and
- type: status
status:
- 415