Grafana 9.3.1
tcp/443
Grafana instance is open to the public and could leak the following information :
Severity: medium
Fingerprint: afdaacf6f709cb231ab201565627073656270736562707365627073656270736
Found vulnerable Grafana version 9.3.1: Affected by CVE-2023-22462
Fingerprint: afdaacf60309de55fbe6b9b4bb446aa4bb446aa4bb446aa4bb446aa4bb446aa4
Read-only access: Title: Locust Testruns | path: db/locust-testruns | type: dash-db
Open service 34.89.46.34:443 · grafana.yellow.training.k8s.education
2024-05-15 07:07
HTTP/1.1 200 OK Date: Wed, 15 May 2024 07:07:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: no-cache Expires: -1 Pragma: no-cache X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=31536000; includeSubDomains
Open service 34.89.46.34:443 · grafana.yellow.training.k8s.education
2024-05-15 07:07
Grafana dashboard version 9.3.1 Edition: Open Source
Open service 34.89.46.34:80 · grafana.yellow.training.k8s.education
2024-05-15 07:07
HTTP/1.1 308 Permanent Redirect Date: Wed, 15 May 2024 07:07:13 GMT Content-Type: text/html Content-Length: 164 Connection: close Location: https://grafana.yellow.training.k8s.education Page title: 308 Permanent Redirect <html> <head><title>308 Permanent Redirect</title></head> <body> <center><h1>308 Permanent Redirect</h1></center> <hr><center>nginx</center> </body> </html>