Grafana Metrics Exposure
Grafana metrics are publicly accessible.
Grafana is an open source, metrics dashboard and graph editor for Graphite, Elasticsearch, OpenTSDB, Prometheus and InfluxDB. It allows users to view and monitor visualizations based on metrics stored in these systems.
Attackers can retrieve various system metrics, application paths and other useful information.
Ensure that the metrics endpoint is blocked or protected by enforcing authentication.
Was this page helpful?