CNNVD-202602-2139 Information
CNNVD ID
CNNVD-202602-2139
Related CVE
- CNNVD Published: 2026-02-12
Description (Chinese)
Grafana是Grafana开源的一套提供可视化监控界面的开源监控工具。该工具主要用于监控和分析Graphite、InfluxDB和Prometheus等。 Grafana存在安全漏洞,该漏洞源于公共仪表板中启用的注释未将其注释时间范围限制在仪表板的锁定时间范围内,可能导致读取特定仪表板上可见注释的完整历史记录。
Description (English)
Grafana is an open-source monitoring tool for the provision of visual monitoring interfaces to the Griffin Open Source. The tool is used mainly for the monitoring and analysis of Graham, InfluxDB and Prometheus. Grafana has a security loophole, which stems from the fact that the notes enabled in the public dashboard do not limit their comment time range to the lock time of the dashboard, which may lead to the reading of the full history of the comments visible on the particular dashboard.
Vulnerability Type
其他
Affected Vendor
Grafana
Published
2026-02-12
Last Modified
2026-02-24
References
https://grafana.com/security/security-advisories/CVE-2026-21722
Patch
https://grafana.com/security/security-advisories/cve-2026-21722/
Share on: