Enhancement: cves/2019/CVE-2019-15043.yaml by md

cves/2019/CVE-2019-15043.yaml

@@ -1,17 +1,18 @@
 id: CVE-2019-15043
 
 info:
-  name: Grafana 2.0.0 <= 6.3.3 Incorrect Access Control Vulnerability
+  name: Grafana - Improper Access Control
   author: Joshua Rogers
   severity: high
   description: |
-    Grafana is an open-source platform for monitoring and observability. In affected versions an attacker is able to delete and create arbitrary snapshots, leading to denial of service.
+    Grafana 2.x through 6.x before 6.3.4 is susceptible to improper access control. An attacker can delete and create arbitrary snapshots, leading to denial of service.
   reference:
     - https://community.grafana.com/t/grafana-5-4-5-and-6-3-4-security-update/20569
     - https://grafana.com/blog/2019/08/29/grafana-5.4.5-and-6.3.4-released-with-important-security-fix/
     - https://bugzilla.redhat.com/show_bug.cgi?id=1746945
     - https://aaron-hoffmann.com/posts/cve-2019-15043/
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15043
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-15043
   remediation: Upgrade to 6.3.4 or higher.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
@@ -52,4 +53,6 @@ requests:
 
       - type: status
         status:
-          - 200
+          - 200
+
+# Enhanced by md on 2023/04/12