JVNDB-2022-012278

JVNDB-2022-012278
Grafana �ｽﾉゑｿｽ�ｽ�ｽ�ｽ�ｽN�ｽ�ｽ�ｽX�ｽT�ｽC�ｽg�ｽX�ｽN�ｽ�ｽ�ｽv�ｽe�ｽB�ｽ�ｽ�ｽO�ｽﾌ脆弱性
�ｽT�ｽv
Grafana �ｽﾉは、�ｽN�ｽ�ｽ�ｽX�ｽT�ｽC�ｽg�ｽX�ｽN�ｽ�ｽ�ｽv�ｽe�ｽB�ｽ�ｽ�ｽO�ｽﾌ脆弱性�ｽ�ｽ�ｽ�ｽ�ｽﾝゑｿｽ�ｽﾜゑｿｽ�ｽB
CVSS �ｽﾉゑｿｽ�ｽ[�ｽ�ｽ�ｽx (CVSS �ｽﾆゑｿｽ?)
CVSS v3 �ｽﾉゑｿｽ�ｽ[�ｽ�ｽ�ｽx �ｽ�ｽ{�ｽl: 3.5 (�ｽ�ｽ�ｽ�ｽ) [NVD�ｽl] �ｽU�ｽ�ｽ�ｽ�ｽ�ｽ謨ｪ: �ｽl�ｽb�ｽg�ｽ�ｽ�ｽ[�ｽN �ｽU�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽﾌ包ｿｽ�ｽG�ｽ�ｽ: �ｽ�ｽ �ｽU�ｽ�ｽ�ｽﾉ必�ｽv�ｽﾈ難ｿｽ�ｽ�ｽ�ｽ�ｽ�ｽx�ｽ�ｽ: �ｽ�ｽ �ｽ�ｽ�ｽp�ｽﾒの関与: �ｽv �ｽe�ｽ�ｽ�ｽﾌ想�ｽ�ｽﾍ茨ｿｽ: �ｽﾏ更�ｽﾈゑｿｽ �ｽ@�ｽ�ｽ�ｽ�ｽ�ｽﾖの影�ｽ�ｽ(C): �ｽﾈゑｿｽ �ｽ�ｽ�ｽS�ｽ�ｽ�ｽﾖの影�ｽ�ｽ(I): �ｽ�ｽ �ｽﾂ用�ｽ�ｽ�ｽﾖの影�ｽ�ｽ(A): �ｽﾈゑｿｽ
�ｽe�ｽ�ｽ�ｽ�ｽ�ｽｯゑｿｽV�ｽX�ｽe�ｽ�ｽ

Grafana Labs Grafana 8.5.16 �ｽ�ｽ�ｽ�ｽ Grafana 9.2.8 �ｽ�ｽ�ｽ�ｽ �ｽ�ｽ�ｽ�ｽ Hitachi Infrastructure Analytics Advisor (�ｽC�ｽO�ｽﾌ費ｿｽ�ｽﾌゑｿｽ) Hitachi Ops Center Analyzer (�ｽC�ｽO�ｽﾌ費ｿｽ�ｽﾌゑｿｽ) Hitachi Ops Center Analyzer viewpoint (�ｽC�ｽO�ｽﾌ費ｿｽ�ｽﾌゑｿｽ) Hitachi Ops Center Viewpoint (�ｽ�ｽ�ｽ�ｽ�ｽﾌ費ｿｽ�ｽﾌゑｿｽ)

�ｽz�ｽ閧ｳ�ｽ�ｽ�ｽe�ｽ�ｽ
�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽｳゑｿｽ�ｽﾂ能�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽﾜゑｿｽ�ｽB
�ｽﾎ搾ｿｽ
�ｽx�ｽ�ｽ�ｽ_�ｽ�ｽ關ｳ�ｽ�ｽ�ｽﾈ対策が鯉ｿｽ�ｽJ�ｽ�ｽ�ｽ�ｽﾄゑｿｽ�ｽﾜゑｿｽ�ｽB�ｽx�ｽ�ｽ�ｽ_�ｽ�ｽ�ｽ�ｽ�ｽQ�ｽﾆゑｿｽ�ｽﾄ適�ｽﾘな対搾ｿｽ�ｽ�ｽ�ｽ�ｽ{�ｽ�ｽ�ｽﾄゑｿｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽB
�ｽx�ｽ�ｽ�ｽ_�ｽ�ｽ�ｽ
Grafana Labs GitHub : Snapshots: Build snapshot originalUrl on the backend (#60232) GitHub : [v9.2.x] Snapshots: Build snapshot originalUrl on the backend (#60232) (#60256) GitHub : Snapshots: Build snapshot originalUrl on the backend #60232 GitHub : [v9.2.x] Snapshots: Build snapshot originalUrl on the backend (#60232) #60256 GitHub : Spoofing originalUrl of snapshots �ｽ�ｽ�ｽ�ｽ Hitachi Software Vulnerability Information : hitachi-sec-2023-144 �ｽ\�ｽt�ｽg�ｽE�ｽF�ｽA�ｽ�ｽ�ｽi�ｽZ�ｽL�ｽ�ｽ�ｽ�ｽ�ｽe�ｽB�ｽ�ｽ�ｽ : hitachi-sec-2023-144
CWE�ｽﾉゑｿｽ�ｽﾆ弱性�ｽ^�ｽC�ｽv�ｽ齬� CWE�ｽﾆゑｿｽ?
�ｽN�ｽ�ｽ�ｽX�ｽT�ｽC�ｽg�ｽX�ｽN�ｽ�ｽ�ｽv�ｽe�ｽB�ｽ�ｽ�ｽO(CWE-79) [�ｽ�ｽ�ｽﾌ托ｿｽ]
�ｽ�ｽ�ｽﾊ脆弱性�ｽ�ｽ�ｽﾊ子(CVE) CVE�ｽﾆゑｿｽ?
CVE-2022-39324
�ｽQ�ｽl�ｽ�ｽ�ｽ
National Vulnerability Database (NVD) : CVE-2022-39324
�ｽX�ｽV�ｽ�ｽ�ｽ�ｽ
[2023�ｽN08�ｽ�ｽ29�ｽ�ｽ] �ｽf�ｽ�ｽ [2023�ｽN10�ｽ�ｽ04�ｽ�ｽ] �ｽx�ｽ�ｽ�ｽ_�ｽ�ｽ�ｽF�ｽ�ｽ�ｽ�ｽ (hitachi-sec-2023-144) �ｽ�ｽﾇ会ｿｽ �ｽe�ｽ�ｽ�ｽ�ｽ�ｽｯゑｿｽV�ｽX�ｽe�ｽ�ｽ�ｽF�ｽx�ｽ�ｽ�ｽ_�ｽ�ｽ�ｽﾌ追会ｿｽ�ｽﾉ費ｿｽ�ｽ�ｽ�ｽ�ｽ�ｽe�ｽ�ｽ�ｽX�ｽV


�ｽ�ｽ�ｽ\�ｽ�ｽ	2022/12/13
�ｽo�ｽ^�ｽ�ｽ	2023/08/29
�ｽﾅ終�ｽX�ｽV�ｽ�ｽ	2023/10/04

Grafana �ｽﾉゑｿｽ�ｽ�ｽ�ｽ�ｽN�ｽ�ｽ�ｽX�ｽT�ｽC�ｽg�ｽX�ｽN�ｽ�ｽ�ｽv�ｽe�ｽB�ｽ�ｽ�ｽO�ｽﾌ脆弱性