Oval Definition:oval:org.opensuse.security:def:202128148
Revision Date:2022-06-30Version:1
Title:CVE-2021-28148
Description:

One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. This allows any unauthenticated user to send an unlimited number of requests to the endpoint, leading to a denial of service (DoS) attack against a Grafana Enterprise instance.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2021-28148
SUSE CVE-2021-28148
SUSE-CU-2021:313-1
SUSE-SU-2021:2660-1
SUSE-SU-2021:2673-1
SUSE-SU-2021:2675-1
openSUSE-SU-2021:1148-1
openSUSE-SU-2021:1162-1
openSUSE-SU-2021:2662-1
openSUSE-SU-2021:2675-1
SUSE-SU-2021:3907-1
SUSE-SU-2021:3908-1
SUSE-CU-2022:78-1
Platform(s):openSUSE Leap 15.2
openSUSE Leap 15.3
openSUSE Tumbleweed
SUSE Enterprise Storage 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND grafana is not affected
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND grafana-7.5.7-1.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.3 is installed
  • AND Package Information
  • ansible-2.9.21-1.5.1 is installed
  • AND ansible is signed with openSUSE key
  • OR
  • ansible-doc-2.9.21-1.5.1 is installed
  • AND ansible-doc is signed with openSUSE key
  • OR
  • ansible-test-2.9.21-1.5.1 is installed
  • AND ansible-test is signed with openSUSE key
  • OR
  • dracut-saltboot-0.1.1627546504.96a0b3e-1.27.1 is installed
  • AND dracut-saltboot is signed with openSUSE key
  • OR
  • grafana-7.5.7-3.12.1 is installed
  • AND grafana is signed with openSUSE key
  • OR
  • mgr-cfg-4.2.3-1.18.1 is installed
  • AND mgr-cfg is signed with openSUSE key
  • OR
  • mgr-cfg-actions-4.2.3-1.18.1 is installed
  • AND mgr-cfg-actions is signed with openSUSE key
  • OR
  • mgr-cfg-client-4.2.3-1.18.1 is installed
  • AND mgr-cfg-client is signed with openSUSE key
  • OR
  • mgr-cfg-management-4.2.3-1.18.1 is installed
  • AND mgr-cfg-management is signed with openSUSE key
  • OR
  • mgr-custom-info-4.2.2-1.12.1 is installed
  • AND mgr-custom-info is signed with openSUSE key
  • OR
  • mgr-osa-dispatcher-4.2.6-1.30.1 is installed
  • AND mgr-osa-dispatcher is signed with openSUSE key
  • OR
  • mgr-osad-4.2.6-1.30.1 is installed
  • AND mgr-osad is signed with openSUSE key
  • OR
  • mgr-push-4.2.3-1.12.1 is installed
  • AND mgr-push is signed with openSUSE key
  • OR
  • mgr-virtualization-host-4.2.2-1.20.1 is installed
  • AND mgr-virtualization-host is signed with openSUSE key
  • OR
  • python2-mgr-cfg-4.2.3-1.18.1 is installed
  • AND python2-mgr-cfg is signed with openSUSE key
  • OR
  • python2-mgr-cfg-actions-4.2.3-1.18.1 is installed
  • AND python2-mgr-cfg-actions is signed with openSUSE key
  • OR
  • python2-mgr-cfg-client-4.2.3-1.18.1 is installed
  • AND python2-mgr-cfg-client is signed with openSUSE key
  • OR
  • python2-mgr-cfg-management-4.2.3-1.18.1 is installed
  • AND python2-mgr-cfg-management is signed with openSUSE key
  • OR
  • python2-mgr-osa-common-4.2.6-1.30.1 is installed
  • AND python2-mgr-osa-common is signed with openSUSE key
  • OR
  • python2-mgr-osa-dispatcher-4.2.6-1.30.1 is installed
  • AND python2-mgr-osa-dispatcher is signed with openSUSE key
  • OR
  • python2-mgr-osad-4.2.6-1.30.1 is installed
  • AND python2-mgr-osad is signed with openSUSE key
  • OR
  • python2-mgr-push-4.2.3-1.12.1 is installed
  • AND python2-mgr-push is signed with openSUSE key
  • OR
  • python2-mgr-virtualization-common-4.2.2-1.20.1 is installed
  • AND python2-mgr-virtualization-common is signed with openSUSE key
  • OR
  • python2-mgr-virtualization-host-4.2.2-1.20.1 is installed
  • AND python2-mgr-virtualization-host is signed with openSUSE key
  • OR
  • python2-rhnlib-4.2.4-3.28.1 is installed
  • AND python2-rhnlib is signed with openSUSE key
  • OR
  • python2-spacewalk-check-4.2.12-3.44.1 is installed
  • AND python2-spacewalk-check is signed with openSUSE key
  • OR
  • python2-spacewalk-client-setup-4.2.12-3.44.1 is installed
  • AND python2-spacewalk-client-setup is signed with openSUSE key
  • OR
  • python2-spacewalk-client-tools-4.2.12-3.44.1 is installed
  • AND python2-spacewalk-client-tools is signed with openSUSE key
  • OR
  • python2-spacewalk-koan-4.2.4-3.21.1 is installed
  • AND python2-spacewalk-koan is signed with openSUSE key
  • OR
  • python2-spacewalk-oscap-4.2.2-3.12.1 is installed
  • AND python2-spacewalk-oscap is signed with openSUSE key
  • OR
  • python2-suseRegisterInfo-4.2.4-3.15.1 is installed
  • AND python2-suseRegisterInfo is signed with openSUSE key
  • OR
  • python2-uyuni-common-libs-4.2.5-1.15.1 is installed
  • AND python2-uyuni-common-libs is signed with openSUSE key
  • OR
  • python3-mgr-cfg-4.2.3-1.18.1 is installed
  • AND python3-mgr-cfg is signed with openSUSE key
  • OR
  • python3-mgr-cfg-actions-4.2.3-1.18.1 is installed
  • AND python3-mgr-cfg-actions is signed with openSUSE key
  • OR
  • python3-mgr-cfg-client-4.2.3-1.18.1 is installed
  • AND python3-mgr-cfg-client is signed with openSUSE key
  • OR
  • python3-mgr-cfg-management-4.2.3-1.18.1 is installed
  • AND python3-mgr-cfg-management is signed with openSUSE key
  • OR
  • python3-mgr-osa-common-4.2.6-1.30.1 is installed
  • AND python3-mgr-osa-common is signed with openSUSE key
  • OR
  • python3-mgr-osa-dispatcher-4.2.6-1.30.1 is installed
  • AND python3-mgr-osa-dispatcher is signed with openSUSE key
  • OR
  • python3-mgr-osad-4.2.6-1.30.1 is installed
  • AND python3-mgr-osad is signed with openSUSE key
  • OR
  • python3-mgr-push-4.2.3-1.12.1 is installed
  • AND python3-mgr-push is signed with openSUSE key
  • OR
  • python3-mgr-virtualization-common-4.2.2-1.20.1 is installed
  • AND python3-mgr-virtualization-common is signed with openSUSE key
  • OR
  • python3-mgr-virtualization-host-4.2.2-1.20.1 is installed
  • AND python3-mgr-virtualization-host is signed with openSUSE key
  • OR
  • python3-rhnlib-4.2.4-3.28.1 is installed
  • AND python3-rhnlib is signed with openSUSE key
  • OR
  • python3-spacewalk-check-4.2.12-3.44.1 is installed
  • AND python3-spacewalk-check is signed with openSUSE key
  • OR
  • python3-spacewalk-client-setup-4.2.12-3.44.1 is installed
  • AND python3-spacewalk-client-setup is signed with openSUSE key
  • OR
  • python3-spacewalk-client-tools-4.2.12-3.44.1 is installed
  • AND python3-spacewalk-client-tools is signed with openSUSE key
  • OR
  • python3-spacewalk-koan-4.2.4-3.21.1 is installed
  • AND python3-spacewalk-koan is signed with openSUSE key
  • OR
  • python3-spacewalk-oscap-4.2.2-3.12.1 is installed
  • AND python3-spacewalk-oscap is signed with openSUSE key
  • OR
  • python3-suseRegisterInfo-4.2.4-3.15.1 is installed
  • AND python3-suseRegisterInfo is signed with openSUSE key
  • OR
  • python3-uyuni-common-libs-4.2.5-1.15.1 is installed
  • AND python3-uyuni-common-libs is signed with openSUSE key
  • OR
  • spacecmd-4.2.11-3.62.1 is installed
  • AND spacecmd is signed with openSUSE key
  • OR
  • spacewalk-check-4.2.12-3.44.1 is installed
  • AND spacewalk-check is signed with openSUSE key
  • OR
  • spacewalk-client-setup-4.2.12-3.44.1 is installed
  • AND spacewalk-client-setup is signed with openSUSE key
  • OR
  • spacewalk-client-tools-4.2.12-3.44.1 is installed
  • AND spacewalk-client-tools is signed with openSUSE key
  • OR
  • spacewalk-koan-4.2.4-3.21.1 is installed
  • AND spacewalk-koan is signed with openSUSE key
  • OR
  • spacewalk-oscap-4.2.2-3.12.1 is installed
  • AND spacewalk-oscap is signed with openSUSE key
  • OR
  • suseRegisterInfo-4.2.4-3.15.1 is installed
  • AND suseRegisterInfo is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • ansible-2.9.21-lp152.2.7.1 is installed
  • AND ansible is signed with openSUSE key
  • OR
  • ansible-doc-2.9.21-lp152.2.7.1 is installed
  • AND ansible-doc is signed with openSUSE key
  • OR
  • ansible-test-2.9.21-lp152.2.7.1 is installed
  • AND ansible-test is signed with openSUSE key
  • OR
  • dracut-saltboot-0.1.1627546504.96a0b3e-lp152.2.26.1 is installed
  • AND dracut-saltboot is signed with openSUSE key
  • OR
  • golang-github-prometheus-prometheus-2.27.1-lp152.3.13.1 is installed
  • AND golang-github-prometheus-prometheus is signed with openSUSE key
  • OR
  • grafana-7.5.7-lp152.2.16.1 is installed
  • AND grafana is signed with openSUSE key
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • OR SUSE OpenStack Cloud Crowbar 8 is installed
  • AND grafana is not affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND grafana is not affected
    • Definition Synopsis
  • SUSE Enterprise Storage 6 is installed
  • AND grafana is not affected
    • BACK