Netapp E-Series Performance Analyzer vulnerabilities

CVE-2022-21703 [MEDIUM] CWE-352 CVE-2022-21703: Grafana is an open-source platform for monitoring and observability. Affected versions are subject t Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows attackers to elevate their privileges by mounting cross-origin attacks against authenticated high-privilege Grafana users (for example, Editors or Admins). An attacker can exploit this vulnerab

CVE-2022-21702 [MEDIUM] CWE-79 CVE-2022-21702: Grafana is an open-source platform for monitoring and observability. In affected versions an attacke Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin proxy and trick a user to visit this HTML page using a specially crafted link and execute a Cross-site Scripting (XSS) attack. The attacker could either compromise an existing datasource

CVE-2022-21713 [MEDIUM] CWE-863 CVE-2022-21713: Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana ex Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. `/teams/:teamId` will allow an authenticated attacker to view unintended data by querying for the specific team ID, `/teams/:search` will allow an authenticated attacker to s

CVE-2021-28165 [HIGH] CWE-400 CVE-2021-28165: In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage ca In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.