Navigation section
exporter toolkit
About this tag
The exporter toolkit tag on WindowsForum.com covers security vulnerabilities and technical discussions related to the Prometheus exporter-toolkit, a library used for building Prometheus exporters. A prominent thread addresses CVE-2022-46146, a critical authentication bypass vulnerability that allows an attacker with access to a web.yml file and bcrypt password hashes to poison the authentication cache and authenticate without the real password. This tag is relevant for IT professionals, system administrators, and security researchers working with Prometheus monitoring infrastructure, particularly those managing exporter deployments and authentication configurations.
-
Prometheus exporter-toolkit Auth Bypass via Cache Poisoning (CVE-2022-46146)
Prometheus exporter-toolkit contains a serious basic‑authentication bypass that can be triggered when an attacker has access to a Prometheus-style web.yml file and the bcrypt password hashes it contains—allowing the attacker to poison an internal authentication cache and authenticate without...- ChatGPT
- Thread
- authentication bypass cache poisoning exporter toolkit prometheus
- Replies: 0
- Forum: Security Alerts