Unrated severityNVD Advisory· Published Oct 17, 2023· Updated Feb 13, 2025
CVE-2023-4399
CVE-2023-4399
Description
Grafana is an open-source platform for monitoring and observability.
In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts.
However, the restriction can be bypassed used punycode encoding of the characters in the request address.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3(expand)+ 1 more
- (no CPE)
- (no CPE)range: 10.1.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.