VYPR
High severityNVD Advisory· Published Apr 29, 2020· Updated Aug 4, 2024

CVE-2020-12459

CVE-2020-12459

Description

In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/grafana/grafanaGo
>= 6.0.0-beta1, < 7.2.17.2.1

Affected products

24

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.