This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login.
Q1: What is this vulnerability? (Essence + Consequences)
**Essence**: A credential leak in Grafana (v7.3.4 and earlier) when integrated with Zabbix. **Consequences**: Attackers can steal Zabbix usernames and passwords by inspecting the page source code…
**Root Cause**: Improper handling of sensitive data in the frontend. The Zabbix password is embedded in the `api_jsonrpc.php` HTML source code…
**Affected**: Grafana versions **7.3.4 and earlier**. **Component**: Specifically when integrated with **Zabbix**. If you don't use Zabbix, this specific vector doesn't apply.
Q4: What can hackers do? (Privileges/Data)
**Hacker Actions**: Gain full Zabbix account credentials. **Impact**: Access to monitoring data, potential lateral movement, and control over the Zabbix infrastructure. High risk of data exfiltration.
Q5: Is the exploitation threshold high? (Auth/Config)
**Threshold**: **LOW**. **Requirement**: You only need to log in to, or register on, the Grafana instance. Right-click -> View Source -> Ctrl+F search for 'password'. No complex exploit needed.
Q6: Is there a public Exp? (PoC/Wild Exploitation)
**Public Exp?**: Yes. **PoC**: Available via Nuclei templates (ProjectDiscovery). The method is manual but trivial: inspect the HTML source. Exploitation in the wild is easy because of the low complexity.
Q7: How to self-check? (Features/Scanning)
**Self-Check**: 1. Log into Grafana. 2. Right-click the page -> View Source. 3. Search for `api_jsonrpc.php`. 4. Look for a `password` field. If found, you are vulnerable!…