) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
This is not the latest report. Click
here to view the latest report.
CVSS v3.1 Statistics for Grafana Labs as of 03/28/2023
3
24
3
16
Reference
0-69.9%
|
|
Reference |
66.7
Contributor
70-94.9%
Provider
95-100%
| CVE | CNA Value | Alignment | NIST Value | Reason |
|---|---|---|---|---|
| CVE-2023-0507 (5 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) Required | User Interaction (UI) Required | |||
| Scope (S) Unchanged | ≠ | Scope (S) Changed | Security boundary cross identified | |
| Confidentiality (C) High | ≠ | Confidentiality (C) Low | Information leaked appears non-critical/sensitive | |
| Integrity (I) High | ≠ | Integrity (I) Low | Integrity impact appears non-critical | |
| Availability (A) None | Availability (A) None | |||
| CVE-2023-0594 (5 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) Required | User Interaction (UI) Required | |||
| Scope (S) Unchanged | ≠ | Scope (S) Changed | Security boundary cross identified | |
| Confidentiality (C) High | ≠ | Confidentiality (C) Low | Information leaked appears non-critical/sensitive | |
| Integrity (I) High | ≠ | Integrity (I) Low | Integrity impact appears non-critical | |
| Availability (A) None | Availability (A) None | |||
| CVE-2023-1410 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
| Privileges Required (PR) High | Privileges Required (PR) High | |||
| User Interaction (UI) Required | User Interaction (UI) Required | |||
| Scope (S) Changed | Scope (S) Changed | |||
| Confidentiality (C) High | ≠ | Confidentiality (C) Low | Information leaked appears non-critical/sensitive | |
| Integrity (I) Low | Integrity (I) Low | |||
| Availability (A) None | Availability (A) None |