Vulnerability Database

Grafana Metrics Exposure

Grafana is an open source, metrics dashboard and graph editor for Graphite, Elasticsearch, OpenTSDB, Prometheus and InfluxDB. It allows users to view and monitor visualizations based on metrics stored in these systems.

Attackers can retrieve various system metrics, application paths and other useful information.

Solution

Ensure that the metrics endpoint is blocked or protected by enforcing authentication.

Ultimate

Enterprise
  • Specifically designed for medium and large Enterprises
  • All Tools, Services, and Plans
  • Single Sign-On Integration, Single Tenant
  • Dedicated Support, Custom Integrations
  • Annual or Monthly, Fixed-cost Billing