vpatch-CVE-2021-43798 AppSec Rule

« vpatch-CVE-2021-43798 »
v0.4 by crowdsecurity
AppSec rule

Grafana - Arbitrary File Read (CVE-2021-43798)

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2021-43798

YAML Configuration

1## autogenerated on 2025-03-28 15:30:48
2name: crowdsecurity/vpatch-CVE-2021-43798
3description: 'Grafana - Arbitrary File Read (CVE-2021-43798)'
4rules:
5  - and:
6    - zones:
7        - URI
8      transform:
9        - lowercase
10      match:
11        type: contains
12        value: /public/plugins/
13    - zones:
14        - URI
15      transform:
16        - lowercase
17      match:
18        type: contains
19        value: '../'
20
21labels:
22  type: exploit
23  service: http
24  confidence: 3
25  spoofable: 0
26  behavior: 'http:exploit'
27  label: 'Grafana - LFI'
28  classification:
29    - cve.CVE-2021-43798
30    - attack.T1190
31    - cwe.CWE-22
32

Hub Appsec rule

« vpatch-CVE-2021-43798 »v0.4 by crowdsecurityAppSec rule

« vpatch-CVE-2021-43798 »
v0.4 by crowdsecurity
AppSec rule