Test latest Grafana security update

Description

https://grafana.com/blog/2021/10/05/grafana-7.5.11-and-8.1.6-released-with-critical-security-fix/

Acceptance / Success Criteria

None

Lucidchart Diagrams

Activity

Show:

Alberto February 23, 2022 at 12:27 AM

Confirmed the security issue has been fixed for the version >= 7.5.11 and versions >=8.1.6

Alberto February 23, 2022 at 12:25 AM
Edited

There are 3 scenarios where this occurs . Replicated on v7.3.0

/api/snapshots/:key
/api/snapshots-delete/:deleteKey
/dashboard/snapshot/:key

I wasn't able to replicate /dashboard/snapshot/:key. But confirmed the issue is resolved for the other scenarios in v7.5.11 and 8.1.6.

Jeff Jancula December 9, 2021 at 9:41 PM

Applying the security-moderate label for Grafana's critical fix because any data accessible through OpenNMS belongs to the organization running Grafana (not multi-tenant for ONMS on-premises).

Fixed

Details
Assignee
Alberto
Reporter
Sandy Skipper
Labels
security-moderate
Story Points
3
Sprint
None
Priority
Medium

PagerDuty

Created October 6, 2021 at 2:09 PM

Updated March 2, 2022 at 8:47 PM

Resolved February 23, 2022 at 12:27 AM

Test latest Grafana security update

Description

Acceptance / Success Criteria

Lucidchart Diagrams

Activity

Alberto February 23, 2022 at 12:27 AM

Alberto February 23, 2022 at 12:25 AMEdited

Jeff Jancula December 9, 2021 at 9:41 PM

DetailsAssigneeAlbertoAlbertoReporterSandy SkipperSandy SkipperLabelssecurity-moderateStory Points3SprintNone+2PriorityMedium

Details

Assignee

Reporter

Labels

Story Points

Sprint

Priority

PagerDutyPagerDuty Incident

PagerDuty

Alberto February 23, 2022 at 12:25 AM
Edited

Details
Assignee
Alberto
Reporter
Sandy Skipper
Labels
security-moderate
Story Points
3
Sprint
None
Priority
Medium

PagerDuty