CVE-2022-26148 in Grafana Labs and Red Hat Products
Published on March 21, 2022

An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in api_jsonrpc.php to discover the Zabbix account password and URL address.

NVD

Products Associated with CVE-2022-26148

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-26148 are published in these products:

Grafana Labs Grafana

Red Hat Ceph Storage

Red Hat Storage

Exploit Probability

EPSS

89.90%

Percentile

99.56%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-26148 in Grafana Labs and Red Hat ProductsPublished on March 21, 2022

Products Associated with CVE-2022-26148

Exploit Probability

CVE-2022-26148 in Grafana Labs and Red Hat Products
Published on March 21, 2022