Vulnerabilites related to grafana - grafana
cve-2022-39201
Vulnerability from cvelistv5
Published
2022-10-13 00:00
Modified
2024-08-03 12:00
Severity ?
EPSS score ?
Summary
Grafana is an open source observability and data visualization platform. Starting with version 5.0.0-beta1 and prior to versions 8.5.14 and 9.1.8, Grafana could leak the authentication cookie of users to plugins. The vulnerability impacts data source and plugin proxy endpoints under certain conditions. The destination plugin could receive a user's Grafana authentication cookie. Versions 9.1.8 and 8.5.14 contain a patch for this issue. There are no known workarounds.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:00:42.561Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-x744-mm8v-vpgr", }, { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/commit/b571acc1dc130a33f24742c1f93b93216da6cf57", }, { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/commit/c658816f5229d17f877579250c07799d3bbaebc9", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= v5.0.0-beta1, < 8.5.14", }, { status: "affected", version: ">= 9.0.0, < 9.1.8", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open source observability and data visualization platform. Starting with version 5.0.0-beta1 and prior to versions 8.5.14 and 9.1.8, Grafana could leak the authentication cookie of users to plugins. The vulnerability impacts data source and plugin proxy endpoints under certain conditions. The destination plugin could receive a user's Grafana authentication cookie. Versions 9.1.8 and 8.5.14 contain a patch for this issue. There are no known workarounds.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-13T00:00:00", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { url: "https://github.com/grafana/grafana/security/advisories/GHSA-x744-mm8v-vpgr", }, { url: "https://github.com/grafana/grafana/commit/b571acc1dc130a33f24742c1f93b93216da6cf57", }, { url: "https://github.com/grafana/grafana/commit/c658816f5229d17f877579250c07799d3bbaebc9", }, ], source: { advisory: "GHSA-x744-mm8v-vpgr", discovery: "UNKNOWN", }, title: "Data source and plugin proxy endpoints could leak the authentication cookie to some destination plugins", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-39201", datePublished: "2022-10-13T00:00:00", dateReserved: "2022-09-02T00:00:00", dateUpdated: "2024-08-03T12:00:42.561Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-31107
Vulnerability from cvelistv5
Published
2022-07-15 12:30
Modified
2024-08-03 07:11
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user's external user id is not already associated with an account in Grafana, the malicious user's email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user's Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.
References
| ▼ | URL | Tags |
|---|---|---|
| https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/ | x_refsource_MISC | |
| https://github.com/grafana/grafana/security/advisories/GHSA-mx47-6497-3fv2 | x_refsource_CONFIRM | |
| https://grafana.com/docs/grafana/next/release-notes/release-notes-8-5-9/ | x_refsource_MISC | |
| https://grafana.com/docs/grafana/next/release-notes/release-notes-9-0-3/ | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220901-0010/ | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:11:38.479Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-mx47-6497-3fv2", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-5-9/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-9-0-3/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220901-0010/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 5.3, < 8.3.10", }, { status: "affected", version: ">= 8.4.0, < 8.4.10", }, { status: "affected", version: ">= 8.5.0, < 8.5.9", }, { status: "affected", version: ">= 9.0.0, < 9.0.3", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user's external user id is not already associated with an account in Grafana, the malicious user's email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user's Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-863", description: "CWE-863: Incorrect Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-01T13:06:35", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-mx47-6497-3fv2", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-5-9/", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-9-0-3/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220901-0010/", }, ], source: { advisory: "GHSA-mx47-6497-3fv2", discovery: "UNKNOWN", }, title: "Grafana account takeover via OAuth vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-31107", STATE: "PUBLIC", TITLE: "Grafana account takeover via OAuth vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "grafana", version: { version_data: [ { version_value: ">= 5.3, < 8.3.10", }, { version_value: ">= 8.4.0, < 8.4.10", }, { version_value: ">= 8.5.0, < 8.5.9", }, { version_value: ">= 9.0.0, < 9.0.3", }, ], }, }, ], }, vendor_name: "grafana", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user's external user id is not already associated with an account in Grafana, the malicious user's email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user's Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-863: Incorrect Authorization", }, ], }, ], }, references: { reference_data: [ { name: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/", refsource: "MISC", url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/", }, { name: "https://github.com/grafana/grafana/security/advisories/GHSA-mx47-6497-3fv2", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/security/advisories/GHSA-mx47-6497-3fv2", }, { name: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-5-9/", refsource: "MISC", url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-5-9/", }, { name: "https://grafana.com/docs/grafana/next/release-notes/release-notes-9-0-3/", refsource: "MISC", url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-9-0-3/", }, { name: "https://security.netapp.com/advisory/ntap-20220901-0010/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220901-0010/", }, ], }, source: { advisory: "GHSA-mx47-6497-3fv2", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-31107", datePublished: "2022-07-15T12:30:14", dateReserved: "2022-05-18T00:00:00", dateUpdated: "2024-08-03T07:11:38.479Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-21702
Vulnerability from cvelistv5
Published
2022-02-08 19:40
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin proxy and trick a user to visit this HTML page using a specially crafted link and execute a Cross-site Scripting (XSS) attack. The attacker could either compromise an existing datasource for a specific Grafana instance or either set up its own public service and instruct anyone to set it up in their Grafana instance. To be impacted, all of the following must be applicable. For the data source proxy: A Grafana HTTP-based datasource configured with Server as Access Mode and a URL set, the attacker has to be in control of the HTTP server serving the URL of above datasource, and a specially crafted link pointing at the attacker controlled data source must be clicked on by an authenticated user. For the plugin proxy: A Grafana HTTP-based app plugin configured and enabled with a URL set, the attacker has to be in control of the HTTP server serving the URL of above app, and a specially crafted link pointing at the attacker controlled plugin must be clocked on by an authenticated user. For the backend plugin resource: An attacker must be able to navigate an authenticated user to a compromised plugin through a crafted link. Users are advised to update to a patched version. There are no known workarounds for this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/security/advisories/GHSA-xc3p-28hw-q24g | x_refsource_CONFIRM | |
| https://github.com/grafana/grafana/commit/27726868b3d7c613844b55cd209ca93645c99b85 | x_refsource_MISC | |
| https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/ | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220303-0005/ | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:53:34.846Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-xc3p-28hw-q24g", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/commit/27726868b3d7c613844b55cd209ca93645c99b85", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220303-0005/", }, { name: "FEDORA-2022-83405f9d5b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { name: "FEDORA-2022-9dd03cab55", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { name: "FEDORA-2022-c5383675d9", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 2.0.0-beta1, < 7.5.15", }, { status: "affected", version: ">= 8.0.0, < 8.3.5", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin proxy and trick a user to visit this HTML page using a specially crafted link and execute a Cross-site Scripting (XSS) attack. The attacker could either compromise an existing datasource for a specific Grafana instance or either set up its own public service and instruct anyone to set it up in their Grafana instance. To be impacted, all of the following must be applicable. For the data source proxy: A Grafana HTTP-based datasource configured with Server as Access Mode and a URL set, the attacker has to be in control of the HTTP server serving the URL of above datasource, and a specially crafted link pointing at the attacker controlled data source must be clicked on by an authenticated user. For the plugin proxy: A Grafana HTTP-based app plugin configured and enabled with a URL set, the attacker has to be in control of the HTTP server serving the URL of above app, and a specially crafted link pointing at the attacker controlled plugin must be clocked on by an authenticated user. For the backend plugin resource: An attacker must be able to navigate an authenticated user to a compromised plugin through a crafted link. Users are advised to update to a patched version. There are no known workarounds for this vulnerability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-07T07:06:28", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-xc3p-28hw-q24g", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/commit/27726868b3d7c613844b55cd209ca93645c99b85", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220303-0005/", }, { name: "FEDORA-2022-83405f9d5b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { name: "FEDORA-2022-9dd03cab55", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { name: "FEDORA-2022-c5383675d9", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, ], source: { advisory: "GHSA-xc3p-28hw-q24g", discovery: "UNKNOWN", }, title: "Cross site scripting in Grafana proxy", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-21702", STATE: "PUBLIC", TITLE: "Cross site scripting in Grafana proxy", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "grafana", version: { version_data: [ { version_value: ">= 2.0.0-beta1, < 7.5.15", }, { version_value: ">= 8.0.0, < 8.3.5", }, ], }, }, ], }, vendor_name: "grafana", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin proxy and trick a user to visit this HTML page using a specially crafted link and execute a Cross-site Scripting (XSS) attack. The attacker could either compromise an existing datasource for a specific Grafana instance or either set up its own public service and instruct anyone to set it up in their Grafana instance. To be impacted, all of the following must be applicable. For the data source proxy: A Grafana HTTP-based datasource configured with Server as Access Mode and a URL set, the attacker has to be in control of the HTTP server serving the URL of above datasource, and a specially crafted link pointing at the attacker controlled data source must be clicked on by an authenticated user. For the plugin proxy: A Grafana HTTP-based app plugin configured and enabled with a URL set, the attacker has to be in control of the HTTP server serving the URL of above app, and a specially crafted link pointing at the attacker controlled plugin must be clocked on by an authenticated user. For the backend plugin resource: An attacker must be able to navigate an authenticated user to a compromised plugin through a crafted link. Users are advised to update to a patched version. There are no known workarounds for this vulnerability.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/security/advisories/GHSA-xc3p-28hw-q24g", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/security/advisories/GHSA-xc3p-28hw-q24g", }, { name: "https://github.com/grafana/grafana/commit/27726868b3d7c613844b55cd209ca93645c99b85", refsource: "MISC", url: "https://github.com/grafana/grafana/commit/27726868b3d7c613844b55cd209ca93645c99b85", }, { name: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", refsource: "MISC", url: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", }, { name: "https://security.netapp.com/advisory/ntap-20220303-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220303-0005/", }, { name: "FEDORA-2022-83405f9d5b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { name: "FEDORA-2022-9dd03cab55", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { name: "FEDORA-2022-c5383675d9", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, ], }, source: { advisory: "GHSA-xc3p-28hw-q24g", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-21702", datePublished: "2022-02-08T19:40:11", dateReserved: "2021-11-16T00:00:00", dateUpdated: "2024-08-03T02:53:34.846Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-8118
Vulnerability from cvelistv5
Published
2024-09-26 18:46
Modified
2024-09-26 19:06
Severity ?
EPSS score ?
Summary
In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.
References
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-8118", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-26T19:06:31.902922Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-26T19:06:40.196Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://github.com/grafana/grafana/", defaultStatus: "unaffected", product: "Grafana", programFiles: [ "/pkg/services/ngalert/api/authorization.go", ], vendor: "Grafana", versions: [ { lessThan: "10.3.10", status: "affected", version: "8.5.0", versionType: "semver", }, { lessThan: "10.4.9", status: "affected", version: "10.4.0", versionType: "semver", }, { lessThan: "11.0.5", status: "affected", version: "11.0.0", versionType: "semver", }, { lessThan: "11.1.6", status: "affected", version: "11.1.0", versionType: "semver", }, { lessThan: "11.2.1", status: "affected", version: "11.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: " In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.<br>", }, ], value: "In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.", }, ], impacts: [ { capecId: "CAPEC-1", descriptions: [ { lang: "en", value: "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs", }, ], }, ], metrics: [ { cvssV4_0: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", baseScore: 5.1, baseSeverity: "MEDIUM", privilegesRequired: "HIGH", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", version: "4.0", vulnAvailabilityImpact: "LOW", vulnConfidentialityImpact: "LOW", vulnIntegrityImpact: "LOW", vulnerabilityResponseEffort: "NOT_DEFINED", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-653", description: "CWE-653: Improper Isolation or Compartmentalization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-26T18:46:07.048Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2024-8118/", }, ], source: { discovery: "INTERNAL", }, title: "Grafana alerting wrong permission on datasource rule write endpoint", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2024-8118", datePublished: "2024-09-26T18:46:07.048Z", dateReserved: "2024-08-23T13:45:00.173Z", dateUpdated: "2024-09-26T19:06:40.196Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-1000816
Vulnerability from cvelistv5
Published
2018-12-20 15:00
Modified
2024-09-17 00:31
Severity ?
EPSS score ?
Summary
Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site Scripting (XSS) vulnerability in Influxdb and Graphite query editor that can result in Running arbitrary js code in victims browser.. This attack appear to be exploitable via Authenticated user must click on the input field where the payload was previously inserted..
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/issues/13667 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T12:47:56.150Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/issues/13667", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], dateAssigned: "2018-11-27T00:00:00", descriptions: [ { lang: "en", value: "Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site Scripting (XSS) vulnerability in Influxdb and Graphite query editor that can result in Running arbitrary js code in victims browser.. This attack appear to be exploitable via Authenticated user must click on the input field where the payload was previously inserted..", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-20T15:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/issues/13667", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", DATE_ASSIGNED: "2018-11-27T13:54:33.456461", DATE_REQUESTED: "2018-10-15T09:16:59", ID: "CVE-2018-1000816", REQUESTER: "lokalhorst@protonmail.com", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site Scripting (XSS) vulnerability in Influxdb and Graphite query editor that can result in Running arbitrary js code in victims browser.. This attack appear to be exploitable via Authenticated user must click on the input field where the payload was previously inserted..", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/issues/13667", refsource: "MISC", url: "https://github.com/grafana/grafana/issues/13667", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-1000816", datePublished: "2018-12-20T15:00:00Z", dateReserved: "2018-12-20T00:00:00Z", dateUpdated: "2024-09-17T00:31:53.978Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22462
Vulnerability from cvelistv5
Published
2023-03-02 00:06
Modified
2025-02-13 16:43
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user interactions in order to be fully exploited. The vulnerability was possible due to React's render cycle that will pass though the unsanitized HTML code, but in the next cycle the HTML is cleaned up and saved in Grafana's database. An attacker needs to have the Editor role in order to change a Text panel to include JavaScript. Another user needs to edit the same Text panel, and click on "Markdown" or "HTML" for the code to be executed. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. This issue has been patched in versions 9.2.10 and 9.3.4.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:13:48.351Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/grafana/grafana/security/advisories/GHSA-7rqg-hjwc-6mjf", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-7rqg-hjwc-6mjf", }, { name: "https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165", }, { name: "https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-with-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-with-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230413-0004/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22462", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T17:15:55.895243Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-15T18:34:16.087Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 9.2, < 9.2.10", }, { status: "affected", version: ">= 9.3, < 9.3.4", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin \"Text\". The stored XSS vulnerability requires several user interactions in order to be fully exploited. The vulnerability was possible due to React's render cycle that will pass though the unsanitized HTML code, but in the next cycle the HTML is cleaned up and saved in Grafana's database. An attacker needs to have the Editor role in order to change a Text panel to include JavaScript. Another user needs to edit the same Text panel, and click on \"Markdown\" or \"HTML\" for the code to be executed. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. This issue has been patched in versions 9.2.10 and 9.3.4.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-13T16:06:22.978Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/grafana/grafana/security/advisories/GHSA-7rqg-hjwc-6mjf", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-7rqg-hjwc-6mjf", }, { name: "https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165", tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165", }, { name: "https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-with-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/", tags: [ "x_refsource_MISC", ], url: "https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-with-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/", }, { url: "https://security.netapp.com/advisory/ntap-20230413-0004/", }, ], source: { advisory: "GHSA-7rqg-hjwc-6mjf", discovery: "UNKNOWN", }, title: "Stored XSS in Grafana Text plugin", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2023-22462", datePublished: "2023-03-02T00:06:59.876Z", dateReserved: "2022-12-29T03:00:40.879Z", dateUpdated: "2025-02-13T16:43:52.162Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-4399
Vulnerability from cvelistv5
Published
2023-10-17 07:09
Modified
2025-02-13 17:13
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability.
In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts.
However, the restriction can be bypassed used punycode encoding of the characters in the request address.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Grafana | Grafana Enterprise |
Version: 10.1.0 ≤ Version: 10.0.0 ≤ Version: 9.5.0 ≤ Version: 9.4.0 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T07:24:04.622Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://grafana.com/security/security-advisories/cve-2023-4399/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20231208-0003/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-4399", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T14:41:54.324405Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T14:42:21.688Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Grafana Enterprise", vendor: "Grafana", versions: [ { lessThan: "10.1.5", status: "affected", version: "10.1.0", versionType: "semver", }, { lessThan: "10.0.9", status: "affected", version: "10.0.0", versionType: "semver", }, { lessThan: "9.5.13", status: "affected", version: "9.5.0", versionType: "semver", }, { lessThan: "9.4.17", status: "affected", version: "9.4.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Grafana is an open-source platform for monitoring and observability. </p><p>In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts.</p><p>However, the restriction can be bypassed used punycode encoding of the characters in the request address.</p>", }, ], value: "Grafana is an open-source platform for monitoring and observability. \n\nIn Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts.\n\nHowever, the restriction can be bypassed used punycode encoding of the characters in the request address.", }, ], impacts: [ { capecId: "CAPEC-267", descriptions: [ { lang: "en", value: "CAPEC-267", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-183", description: "CWE-183", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-08T19:06:21.275Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2023-4399/", }, { url: "https://security.netapp.com/advisory/ntap-20231208-0003/", }, ], }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2023-4399", datePublished: "2023-10-17T07:09:03.015Z", dateReserved: "2023-08-17T10:06:35.187Z", dateUpdated: "2025-02-13T17:13:32.745Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39229
Vulnerability from cvelistv5
Published
2022-10-13 00:00
Modified
2024-08-03 12:00
Severity ?
EPSS score ?
Summary
Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to 9.1.8 and 8.5.14 allow one user to block another user's login attempt by registering someone else'e email address as a username. A Grafana user’s username and email address are unique fields, that means no other user can have the same username or email address as another user. A user can have an email address as a username. However, the login system allows users to log in with either username or email address. Since Grafana allows a user to log in with either their username or email address, this creates an usual behavior where `user_1` can register with one email address and `user_2` can register their username as `user_1`’s email address. This prevents `user_1` logging into the application since `user_1`'s password won’t match with `user_2`'s email address. Versions 9.1.8 and 8.5.14 contain a patch. There are no workarounds for this issue.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:00:43.379Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-gj7m-853r-289r", }, { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/commit/5644758f0c5ae9955a4e5480d71f9bef57fdce35", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 9.0.0, < 9.1.8", }, { status: "affected", version: ">= 8.5.0, < 8.5.14", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to 9.1.8 and 8.5.14 allow one user to block another user's login attempt by registering someone else'e email address as a username. A Grafana user’s username and email address are unique fields, that means no other user can have the same username or email address as another user. A user can have an email address as a username. However, the login system allows users to log in with either username or email address. Since Grafana allows a user to log in with either their username or email address, this creates an usual behavior where `user_1` can register with one email address and `user_2` can register their username as `user_1`’s email address. This prevents `user_1` logging into the application since `user_1`'s password won’t match with `user_2`'s email address. Versions 9.1.8 and 8.5.14 contain a patch. There are no workarounds for this issue.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-287", description: "CWE-287: Improper Authentication", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-13T00:00:00", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { url: "https://github.com/grafana/grafana/security/advisories/GHSA-gj7m-853r-289r", }, { url: "https://github.com/grafana/grafana/commit/5644758f0c5ae9955a4e5480d71f9bef57fdce35", }, ], source: { advisory: "GHSA-gj7m-853r-289r", discovery: "UNKNOWN", }, title: "Grafana users with email as a username can block other users from signing in", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-39229", datePublished: "2022-10-13T00:00:00", dateReserved: "2022-09-02T00:00:00", dateUpdated: "2024-08-03T12:00:43.379Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-11741
Vulnerability from cvelistv5
Published
2025-01-31 15:12
Modified
2025-01-31 15:32
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability.
The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission.
Fixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15
References
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-11741", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-31T15:31:59.645050Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-31T15:32:13.294Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Grafana", vendor: "Grafana", versions: [ { lessThan: "11.4.1", status: "affected", version: "11.4.0", versionType: "custom", }, { lessThan: "11.3.3", status: "affected", version: "11.3.0", versionType: "custom", }, { lessThan: "11.2.6", status: "affected", version: "11.2.0", versionType: "custom", }, { lessThan: "11.1.11", status: "affected", version: "11.1.0", versionType: "custom", }, { lessThan: "10.4.15", status: "affected", version: "10.4.0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Grafana is an open-source platform for monitoring and observability. <br>The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. <br>Fixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15", }, ], value: "Grafana is an open-source platform for monitoring and observability. \nThe Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-31T15:12:29.122Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2024-11741/", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2024-11741", datePublished: "2025-01-31T15:12:29.122Z", dateReserved: "2024-11-26T13:17:13.248Z", dateUpdated: "2025-01-31T15:32:13.294Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-31130
Vulnerability from cvelistv5
Published
2022-10-13 00:00
Modified
2024-08-03 07:11
Severity ?
EPSS score ?
Summary
Grafana is an open source observability and data visualization platform. Versions of Grafana for endpoints prior to 9.1.8 and 8.5.14 could leak authentication tokens to some destination plugins under some conditions. The vulnerability impacts data source and plugin proxy endpoints with authentication tokens. The destination plugin could receive a user's Grafana authentication token. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not use API keys, JWT authentication, or any HTTP Header based authentication.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:11:39.569Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-jv32-5578-pxjc", }, { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/commit/4dd56e4dabce10007bf4ba1059bf54178c35b177", }, { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/commit/9da278c044ba605eb5a1886c48df9a2cb0d3885f", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: "< 8.5.14", }, { status: "affected", version: ">= 9.0.0, < 9.1.8", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open source observability and data visualization platform. Versions of Grafana for endpoints prior to 9.1.8 and 8.5.14 could leak authentication tokens to some destination plugins under some conditions. The vulnerability impacts data source and plugin proxy endpoints with authentication tokens. The destination plugin could receive a user's Grafana authentication token. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not use API keys, JWT authentication, or any HTTP Header based authentication.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-13T00:00:00", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { url: "https://github.com/grafana/grafana/security/advisories/GHSA-jv32-5578-pxjc", }, { url: "https://github.com/grafana/grafana/commit/4dd56e4dabce10007bf4ba1059bf54178c35b177", }, { url: "https://github.com/grafana/grafana/commit/9da278c044ba605eb5a1886c48df9a2cb0d3885f", }, ], source: { advisory: "GHSA-jv32-5578-pxjc", discovery: "UNKNOWN", }, title: "Grafana data source and plugin proxy endpoints leaking authentication tokens to some destination plugins", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-31130", datePublished: "2022-10-13T00:00:00", dateReserved: "2022-05-18T00:00:00", dateUpdated: "2024-08-03T07:11:39.569Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-5122
Vulnerability from cvelistv5
Published
2024-02-14 15:06
Modified
2025-02-13 17:19
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. The CSV datasource plugin is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing CSV data from a remote endpoint configured by an administrator. If this plugin was configured to send requests to a bare host with no path (e.g. https://www.example.com/ https://www.example.com/` ), requests to an endpoint other than the one configured by the administrator could be triggered by a specially crafted request from any user, resulting in an SSRF vector. AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Grafana | grafana-csv-datasource |
Version: 0.0.0 ≤ |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-5122", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-02-26T16:45:27.784995Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:28:44.777Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T07:44:53.890Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://grafana.com/security/security-advisories/cve-2023-5122/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240503-0002/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "grafana-csv-datasource", repo: "https://github.com/grafana/grafana-csv-datasource", vendor: "Grafana", versions: [ { lessThan: "0.6.13", status: "affected", version: "0.0.0", versionType: "semver", }, ], }, ], configurations: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Plugin must be installed and configured to send requests to a host without any path specified (e.g. <a target=\"_blank\" rel=\"nofollow\" href=\"https://example.com/\">https://example.com/</a>)<br>", }, ], value: "Plugin must be installed and configured to send requests to a host without any path specified (e.g. https://example.com/ https://example.com/ )", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Grafana is an open-source platform for monitoring and observability. The CSV datasource plugin is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing CSV data from a remote endpoint configured by an administrator. If this plugin was configured to send requests to a bare host with no path (e.g. <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.example.com/`\">https://www.example.com/</a>), requests to an endpoint other than the one configured by the administrator could be triggered by a specially crafted request from any user, resulting in an SSRF vector.<a target=\"_blank\" rel=\"nofollow\" href=\"https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N&version=3.1\">AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N</a><br>", }, ], value: "Grafana is an open-source platform for monitoring and observability. The CSV datasource plugin is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing CSV data from a remote endpoint configured by an administrator. If this plugin was configured to send requests to a bare host with no path (e.g. https://www.example.com/ https://www.example.com/` ), requests to an endpoint other than the one configured by the administrator could be triggered by a specially crafted request from any user, resulting in an SSRF vector. AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator", }, ], impacts: [ { capecId: "CAPEC-664", descriptions: [ { lang: "en", value: "CAPEC-664", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-918", description: "CWE-918 Server-Side Request Forgery (SSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-03T13:06:15.426Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2023-5122/", }, { url: "https://security.netapp.com/advisory/ntap-20240503-0002/", }, ], source: { discovery: "UNKNOWN", }, title: "SSRF in CSV Datasource Plugin", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2023-5122", datePublished: "2024-02-14T15:06:12.573Z", dateReserved: "2023-09-22T14:35:29.844Z", dateUpdated: "2025-02-13T17:19:42.980Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-18623
Vulnerability from cvelistv5
Published
2020-06-02 16:38
Modified
2024-08-05 11:15
Severity ?
EPSS score ?
Summary
Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/pull/11813 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20200608-0008/ | x_refsource_CONFIRM | |
| https://github.com/grafana/grafana/issues/15293 | x_refsource_MISC | |
| https://github.com/grafana/grafana/releases/tag/v6.0.0 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:15:59.877Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/pull/11813", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200608-0008/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/issues/15293", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/releases/tag/v6.0.0", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana 5.3.1 has XSS via the \"Dashboard > Text Panel\" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-25T12:30:39", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/pull/11813", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200608-0008/", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/issues/15293", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/releases/tag/v6.0.0", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-18623", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana 5.3.1 has XSS via the \"Dashboard > Text Panel\" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/pull/11813", refsource: "MISC", url: "https://github.com/grafana/grafana/pull/11813", }, { name: "https://security.netapp.com/advisory/ntap-20200608-0008/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200608-0008/", }, { name: "https://github.com/grafana/grafana/issues/15293", refsource: "MISC", url: "https://github.com/grafana/grafana/issues/15293", }, { name: "https://github.com/grafana/grafana/releases/tag/v6.0.0", refsource: "MISC", url: "https://github.com/grafana/grafana/releases/tag/v6.0.0", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-18623", datePublished: "2020-06-02T16:38:25", dateReserved: "2018-10-23T00:00:00", dateUpdated: "2024-08-05T11:15:59.877Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-43813
Vulnerability from cvelistv5
Published
2021-12-10 17:30
Modified
2024-08-04 04:03
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. For users who cannot upgrade, running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths. Alternatively, for fully lowercase or fully uppercase .md files, users can block /api/plugins/.*/markdown/.* without losing any functionality beyond inlined plugin help text.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2q | x_refsource_CONFIRM | |
| https://github.com/github/securitylab-vulnerabilities/commit/689fc5d9fd665be4d5bba200a6a433b532172d0f | x_refsource_MISC | |
| https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d | x_refsource_MISC | |
| https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/ | x_refsource_MISC | |
| https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-12/ | x_refsource_MISC | |
| https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-2/ | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2021/12/10/4 | mailing-list, x_refsource_MLIST | |
| https://security.netapp.com/advisory/ntap-20220107-0006/ | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:03:09.012Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2q", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/github/securitylab-vulnerabilities/commit/689fc5d9fd665be4d5bba200a6a433b532172d0f", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-12/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-2/", }, { name: "[oss-security] 20211210 CVE-2021-43813 and CVE-2021-43815 - Grafana directory traversal for some .md and .csv files", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220107-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 5.0.0, < 7.5.12", }, { status: "affected", version: ">= 8.0.0, < 8.3.2", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. For users who cannot upgrade, running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths. Alternatively, for fully lowercase or fully uppercase .md files, users can block /api/plugins/.*/markdown/.* without losing any functionality beyond inlined plugin help text.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-07T12:06:27", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2q", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/github/securitylab-vulnerabilities/commit/689fc5d9fd665be4d5bba200a6a433b532172d0f", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-12/", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-2/", }, { name: "[oss-security] 20211210 CVE-2021-43813 and CVE-2021-43815 - Grafana directory traversal for some .md and .csv files", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/4", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220107-0006/", }, ], source: { advisory: "GHSA-c3q8-26ph-9g2q", discovery: "UNKNOWN", }, title: "Directory Traversal in Grafana", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2021-43813", STATE: "PUBLIC", TITLE: "Directory Traversal in Grafana", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "grafana", version: { version_data: [ { version_value: ">= 5.0.0, < 7.5.12", }, { version_value: ">= 8.0.0, < 8.3.2", }, ], }, }, ], }, vendor_name: "grafana", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. For users who cannot upgrade, running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths. Alternatively, for fully lowercase or fully uppercase .md files, users can block /api/plugins/.*/markdown/.* without losing any functionality beyond inlined plugin help text.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2q", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2q", }, { name: "https://github.com/github/securitylab-vulnerabilities/commit/689fc5d9fd665be4d5bba200a6a433b532172d0f", refsource: "MISC", url: "https://github.com/github/securitylab-vulnerabilities/commit/689fc5d9fd665be4d5bba200a6a433b532172d0f", }, { name: "https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d", refsource: "MISC", url: "https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d", }, { name: "https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/", refsource: "MISC", url: "https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/", }, { name: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-12/", refsource: "MISC", url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-12/", }, { name: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-2/", refsource: "MISC", url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-2/", }, { name: "[oss-security] 20211210 CVE-2021-43813 and CVE-2021-43815 - Grafana directory traversal for some .md and .csv files", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2021/12/10/4", }, { name: "https://security.netapp.com/advisory/ntap-20220107-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220107-0006/", }, ], }, source: { advisory: "GHSA-c3q8-26ph-9g2q", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-43813", datePublished: "2021-12-10T17:30:12", dateReserved: "2021-11-16T00:00:00", dateUpdated: "2024-08-04T04:03:09.012Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-21673
Vulnerability from cvelistv5
Published
2022-01-18 21:35
Modified
2024-08-03 02:46
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token (and no other user credentials) will forward the OAuth Identity of the most recently logged-in user. This can allow API token holders to retrieve data for which they may not have intended access. This attack relies on the Grafana instance having data sources that support the Forward OAuth Identity feature, the Grafana instance having a data source with the Forward OAuth Identity feature toggled on, the Grafana instance having OAuth enabled, and the Grafana instance having usable API keys. This issue has been patched in versions 7.5.13 and 8.3.4.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/security/advisories/GHSA-8wjh-59cw-9xh4 | x_refsource_CONFIRM | |
| https://github.com/grafana/grafana/releases/tag/v7.5.13 | x_refsource_MISC | |
| https://github.com/grafana/grafana/releases/tag/v8.3.4 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220303-0004/ | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:46:39.413Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-8wjh-59cw-9xh4", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/releases/tag/v7.5.13", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/releases/tag/v8.3.4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220303-0004/", }, { name: "FEDORA-2022-83405f9d5b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { name: "FEDORA-2022-9dd03cab55", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { name: "FEDORA-2022-c5383675d9", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 7.2.0, < 7.5.13", }, { status: "affected", version: ">= 8.0.0, < 8.3.4", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token (and no other user credentials) will forward the OAuth Identity of the most recently logged-in user. This can allow API token holders to retrieve data for which they may not have intended access. This attack relies on the Grafana instance having data sources that support the Forward OAuth Identity feature, the Grafana instance having a data source with the Forward OAuth Identity feature toggled on, the Grafana instance having OAuth enabled, and the Grafana instance having usable API keys. This issue has been patched in versions 7.5.13 and 8.3.4.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-07T07:06:34", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-8wjh-59cw-9xh4", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/releases/tag/v7.5.13", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/releases/tag/v8.3.4", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220303-0004/", }, { name: "FEDORA-2022-83405f9d5b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { name: "FEDORA-2022-9dd03cab55", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { name: "FEDORA-2022-c5383675d9", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, ], source: { advisory: "GHSA-8wjh-59cw-9xh4", discovery: "UNKNOWN", }, title: "OAuth Identity Token exposure in Grafana", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-21673", STATE: "PUBLIC", TITLE: "OAuth Identity Token exposure in Grafana", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "grafana", version: { version_data: [ { version_value: ">= 7.2.0, < 7.5.13", }, { version_value: ">= 8.0.0, < 8.3.4", }, ], }, }, ], }, vendor_name: "grafana", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token (and no other user credentials) will forward the OAuth Identity of the most recently logged-in user. This can allow API token holders to retrieve data for which they may not have intended access. This attack relies on the Grafana instance having data sources that support the Forward OAuth Identity feature, the Grafana instance having a data source with the Forward OAuth Identity feature toggled on, the Grafana instance having OAuth enabled, and the Grafana instance having usable API keys. This issue has been patched in versions 7.5.13 and 8.3.4.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/security/advisories/GHSA-8wjh-59cw-9xh4", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/security/advisories/GHSA-8wjh-59cw-9xh4", }, { name: "https://github.com/grafana/grafana/releases/tag/v7.5.13", refsource: "MISC", url: "https://github.com/grafana/grafana/releases/tag/v7.5.13", }, { name: "https://github.com/grafana/grafana/releases/tag/v8.3.4", refsource: "MISC", url: "https://github.com/grafana/grafana/releases/tag/v8.3.4", }, { name: "https://security.netapp.com/advisory/ntap-20220303-0004/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220303-0004/", }, { name: "FEDORA-2022-83405f9d5b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { name: "FEDORA-2022-9dd03cab55", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { name: "FEDORA-2022-c5383675d9", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, ], }, source: { advisory: "GHSA-8wjh-59cw-9xh4", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-21673", datePublished: "2022-01-18T21:35:10", dateReserved: "2021-11-16T00:00:00", dateUpdated: "2024-08-03T02:46:39.413Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-9264
Vulnerability from cvelistv5
Published
2024-10-18 03:20
Modified
2025-03-14 10:03
Severity ?
9.4 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS score ?
Summary
The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.
References
Impacted products
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "grafana", vendor: "grafana", versions: [ { lessThan: "11.0.5\\+security-01", status: "affected", version: "11.0.0", versionType: "semver", }, { lessThan: "11.0.6\\+security-01", status: "affected", version: "11.0.6", versionType: "semver", }, { lessThan: "11.1.6\\+security-01", status: "affected", version: "11.1.0", versionType: "semver", }, { lessThan: "11.1.7\\+security-01", status: "affected", version: "11.1.7", versionType: "semver", }, { lessThan: "11.2.1\\+security-01", status: "affected", version: "11.2.0", versionType: "semver", }, { lessThan: "11.2.2\\+security-01", status: "affected", version: "11.2.2", versionType: "semver", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-9264", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-31T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-01T03:55:21.947Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2025-03-14T10:03:06.561Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://security.netapp.com/advisory/ntap-20250314-0007/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://github.com/grafana/grafana/", defaultStatus: "unaffected", product: "Grafana", vendor: "Grafana", versions: [ { changes: [ { at: "+security-01", status: "unaffected", }, ], lessThan: "11.0.5", status: "affected", version: "11.0.0", versionType: "semver", }, { changes: [ { at: "+security-01", status: "unaffected", }, ], lessThan: "11.1.6", status: "affected", version: "11.1.0", versionType: "semver", }, { changes: [ { at: "+security-01", status: "unaffected", }, ], lessThan: "11.2.1", status: "affected", version: "11.2.0", versionType: "semver", }, { changes: [ { at: "+security-01", status: "unaffected", }, ], lessThan: "11.0.6", status: "affected", version: "11.0.0", versionType: "semver", }, { changes: [ { at: "+security-01", status: "unaffected", }, ], lessThan: "11.1.7", status: "affected", version: "11.1.0", versionType: "semver", }, { changes: [ { at: "+security-01", status: "unaffected", }, ], lessThan: "11.2.2", status: "affected", version: "11.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, <span style=\"background-color: transparent;\">leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. </span>The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.<br>", }, ], value: "The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.", }, ], impacts: [ { capecId: "CAPEC-242", descriptions: [ { lang: "en", value: "CAPEC-242: Code Injection", }, ], }, ], metrics: [ { cvssV4_0: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", baseScore: 9.4, baseSeverity: "CRITICAL", privilegesRequired: "LOW", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "HIGH", subConfidentialityImpact: "HIGH", subIntegrityImpact: "HIGH", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", vulnerabilityResponseEffort: "NOT_DEFINED", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-94", description: "CWE-94: Improper Control of Generation of Code ('Code Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-18T03:20:52.489Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2024-9264/", }, ], source: { discovery: "INTERNAL", }, title: "Grafana SQL Expressions allow for remote code execution", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2024-9264", datePublished: "2024-10-18T03:20:52.489Z", dateReserved: "2024-09-26T20:15:46.544Z", dateUpdated: "2025-03-14T10:03:06.561Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-12052
Vulnerability from cvelistv5
Published
2020-04-27 12:30
Modified
2024-08-04 11:48
Severity ?
EPSS score ?
Summary
Grafana version < 6.7.3 is vulnerable for annotation popup XSS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://community.grafana.com/t/release-notes-v6-7-x/27119 | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20200511-0001/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:48:57.967Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200511-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-04-23T00:00:00", descriptions: [ { lang: "en", value: "Grafana version < 6.7.3 is vulnerable for annotation popup XSS.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-11T09:06:11", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200511-0001/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-12052", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana version < 6.7.3 is vulnerable for annotation popup XSS.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://community.grafana.com/t/release-notes-v6-7-x/27119", refsource: "CONFIRM", url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { name: "https://security.netapp.com/advisory/ntap-20200511-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200511-0001/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-12052", datePublished: "2020-04-27T12:30:09", dateReserved: "2020-04-21T00:00:00", dateUpdated: "2024-08-04T11:48:57.967Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-41244
Vulnerability from cvelistv5
Published
2021-11-15 20:05
Modified
2024-08-04 03:08
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. In affected versions when the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance admins are able to access users from other organizations. Grafana 8.0 introduced a mechanism which allowed users with the Organization Admin role to list, add, remove, and update users’ roles in other organizations in which they are not an admin. With fine-grained access control enabled, organization admins can list, add, remove and update users' roles in another organization, where they do not have organization admin role. All installations between v8.0 and v8.2.3 that have fine-grained access control beta enabled and more than one organization should be upgraded as soon as possible. If you cannot upgrade, you should turn off the fine-grained access control using a feature flag.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/security/advisories/GHSA-mpwp-42x6-4wmx | x_refsource_CONFIRM | |
| https://grafana.com/blog/2021/11/15/grafana-8.2.4-released-with-security-fixes/ | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2021/11/15/1 | mailing-list, x_refsource_MLIST | |
| https://security.netapp.com/advisory/ntap-20211223-0001/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:08:31.510Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-mpwp-42x6-4wmx", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/blog/2021/11/15/grafana-8.2.4-released-with-security-fixes/", }, { name: "[oss-security] 20211115 Grafana 8.2.4 released with security fixes", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/11/15/1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211223-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 8.0.0, < 8.2.4", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. In affected versions when the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance admins are able to access users from other organizations. Grafana 8.0 introduced a mechanism which allowed users with the Organization Admin role to list, add, remove, and update users’ roles in other organizations in which they are not an admin. With fine-grained access control enabled, organization admins can list, add, remove and update users' roles in another organization, where they do not have organization admin role. All installations between v8.0 and v8.2.3 that have fine-grained access control beta enabled and more than one organization should be upgraded as soon as possible. If you cannot upgrade, you should turn off the fine-grained access control using a feature flag.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-610", description: "CWE-610: Externally Controlled Reference to a Resource in Another Sphere", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-23T12:07:05", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-mpwp-42x6-4wmx", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/blog/2021/11/15/grafana-8.2.4-released-with-security-fixes/", }, { name: "[oss-security] 20211115 Grafana 8.2.4 released with security fixes", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2021/11/15/1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20211223-0001/", }, ], source: { advisory: "GHSA-mpwp-42x6-4wmx", discovery: "UNKNOWN", }, title: "Cross organization admin control in Grafana", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2021-41244", STATE: "PUBLIC", TITLE: "Cross organization admin control in Grafana", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "grafana", version: { version_data: [ { version_value: ">= 8.0.0, < 8.2.4", }, ], }, }, ], }, vendor_name: "grafana", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana is an open-source platform for monitoring and observability. In affected versions when the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance admins are able to access users from other organizations. Grafana 8.0 introduced a mechanism which allowed users with the Organization Admin role to list, add, remove, and update users’ roles in other organizations in which they are not an admin. With fine-grained access control enabled, organization admins can list, add, remove and update users' roles in another organization, where they do not have organization admin role. All installations between v8.0 and v8.2.3 that have fine-grained access control beta enabled and more than one organization should be upgraded as soon as possible. If you cannot upgrade, you should turn off the fine-grained access control using a feature flag.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-610: Externally Controlled Reference to a Resource in Another Sphere", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/security/advisories/GHSA-mpwp-42x6-4wmx", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/security/advisories/GHSA-mpwp-42x6-4wmx", }, { name: "https://grafana.com/blog/2021/11/15/grafana-8.2.4-released-with-security-fixes/", refsource: "MISC", url: "https://grafana.com/blog/2021/11/15/grafana-8.2.4-released-with-security-fixes/", }, { name: "[oss-security] 20211115 Grafana 8.2.4 released with security fixes", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2021/11/15/1", }, { name: "https://security.netapp.com/advisory/ntap-20211223-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20211223-0001/", }, ], }, source: { advisory: "GHSA-mpwp-42x6-4wmx", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-41244", datePublished: "2021-11-15T20:05:11", dateReserved: "2021-09-15T00:00:00", dateUpdated: "2024-08-04T03:08:31.510Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39307
Vulnerability from cvelistv5
Published
2022-11-09 00:00
Modified
2024-08-03 12:00
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is made to the `/api/user/password/sent-reset-email` URL. When the username or email does not exist, a JSON response contains a “user not found” message. This leaks information to unauthenticated users and introduces a security risk. This issue has been patched in 9.2.4 and backported to 8.5.15. There are no known workarounds.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:00:44.036Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-3p62-42x7-gxg5", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20221215-0004/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= v9.0.0-beta1, < 9.2.4", }, { status: "affected", version: "< 8.5.15", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is made to the `/api/user/password/sent-reset-email` URL. When the username or email does not exist, a JSON response contains a “user not found” message. This leaks information to unauthenticated users and introduces a security risk. This issue has been patched in 9.2.4 and backported to 8.5.15. There are no known workarounds.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-15T00:00:00", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/grafana/grafana/security/advisories/GHSA-3p62-42x7-gxg5", }, { url: "https://security.netapp.com/advisory/ntap-20221215-0004/", }, ], source: { advisory: "GHSA-3p62-42x7-gxg5", discovery: "UNKNOWN", }, title: "Grafana subject to Exposure of Sensitive Information resulting in User enumeration via forget password", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-39307", datePublished: "2022-11-09T00:00:00", dateReserved: "2022-09-02T00:00:00", dateUpdated: "2024-08-03T12:00:44.036Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-15043
Vulnerability from cvelistv5
Published
2019-09-03 11:47
Modified
2024-08-05 00:34
Severity ?
EPSS score ?
Summary
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:34:53.156Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://community.grafana.com/t/release-notes-v6-3-x/19202", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/releases", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://community.grafana.com/t/grafana-5-4-5-and-6-3-4-security-update/20569", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://grafana.com/blog/2019/08/29/grafana-5.4.5-and-6.3.4-released-with-important-security-fix/", }, { name: "FEDORA-2019-0bb6b876da", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RF5ARGYX3WYB7H2FDR7VAWTEQ27UX3FU/", }, { name: "FEDORA-2019-77d612eab4", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UO4NBL7PKW4OSFRVZENGC42EWEJV2YAH/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20191004-0004/", }, { name: "openSUSE-SU-2020:0892", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { name: "openSUSE-SU-2020:1105", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { name: "openSUSE-SU-2020:1611", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-04T17:06:10", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://community.grafana.com/t/release-notes-v6-3-x/19202", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/releases", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://community.grafana.com/t/grafana-5-4-5-and-6-3-4-security-update/20569", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://grafana.com/blog/2019/08/29/grafana-5.4.5-and-6.3.4-released-with-important-security-fix/", }, { name: "FEDORA-2019-0bb6b876da", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RF5ARGYX3WYB7H2FDR7VAWTEQ27UX3FU/", }, { name: "FEDORA-2019-77d612eab4", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UO4NBL7PKW4OSFRVZENGC42EWEJV2YAH/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20191004-0004/", }, { name: "openSUSE-SU-2020:0892", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { name: "openSUSE-SU-2020:1105", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { name: "openSUSE-SU-2020:1611", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-15043", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://community.grafana.com/t/release-notes-v6-3-x/19202", refsource: "MISC", url: "https://community.grafana.com/t/release-notes-v6-3-x/19202", }, { name: "https://github.com/grafana/grafana/releases", refsource: "MISC", url: "https://github.com/grafana/grafana/releases", }, { name: "https://community.grafana.com/t/grafana-5-4-5-and-6-3-4-security-update/20569", refsource: "CONFIRM", url: "https://community.grafana.com/t/grafana-5-4-5-and-6-3-4-security-update/20569", }, { name: "https://grafana.com/blog/2019/08/29/grafana-5.4.5-and-6.3.4-released-with-important-security-fix/", refsource: "CONFIRM", url: "https://grafana.com/blog/2019/08/29/grafana-5.4.5-and-6.3.4-released-with-important-security-fix/", }, { name: "FEDORA-2019-0bb6b876da", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RF5ARGYX3WYB7H2FDR7VAWTEQ27UX3FU/", }, { name: "FEDORA-2019-77d612eab4", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UO4NBL7PKW4OSFRVZENGC42EWEJV2YAH/", }, { name: "https://security.netapp.com/advisory/ntap-20191004-0004/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20191004-0004/", }, { name: "openSUSE-SU-2020:0892", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { name: "openSUSE-SU-2020:1105", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { name: "openSUSE-SU-2020:1611", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-15043", datePublished: "2019-09-03T11:47:35", dateReserved: "2019-08-14T00:00:00", dateUpdated: "2024-08-05T00:34:53.156Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-13379
Vulnerability from cvelistv5
Published
2020-06-03 18:41
Modified
2024-08-04 12:18
Severity ?
EPSS score ?
Summary
The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:18:17.618Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2020/06/03/4", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://community.grafana.com/t/grafana-7-0-2-and-6-7-4-security-update/31408", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://community.grafana.com/t/release-notes-v7-0-x/29381", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200608-0006/", }, { name: "[oss-security] 20200609 Re: Grafana 6.7.4 and 7.0.2 released with fix for CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2020/06/09/2", }, { name: "FEDORA-2020-e6e81a03d6", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O2KSCCGKNEENZN3DW7TSPFBBUZH3YZXZ/", }, { name: "FEDORA-2020-a09e5be0be", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEKSZ6GE4EDOFZ23NGYWOCMD6O4JF5SO/", }, { name: "openSUSE-SU-2020:0892", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://mostwanted002.cf/post/grafanados/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/158320/Grafana-7.0.1-Denial-Of-Service.html", }, { name: "openSUSE-SU-2020:1105", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://rhynorater.github.io/CVE-2020-13379-Write-Up", }, { name: "[ambari-issues] 20200903 [jira] [Assigned] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/re75f59639f3bc1d14c7ab362bc4485ade84f3c6a3c1a03200c20fe13%40%3Cissues.ambari.apache.org%3E", }, { name: "[ambari-issues] 20200903 [jira] [Created] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r6bb57124a21bb638f552d81650c66684e70fc1ff9f40b6a8840171cd%40%3Cissues.ambari.apache.org%3E", }, { name: "openSUSE-SU-2020:1611", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, { name: "openSUSE-SU-2020:1646", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00017.html", }, { name: "[ambari-issues] 20210121 [jira] [Updated] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r40f0a97b6765de6b8938bc212ee9dfb5101e9efa48bcbbdec02b2a60%40%3Cissues.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210121 [GitHub] [ambari] payert opened a new pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r093b405a49fd31efa0d949ac1a887101af1ca95652a66094194ed933%40%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210121 [GitHub] [ambari] payert commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rba0247a27be78bd14046724098462d058a9969400a82344b3007cf90%40%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210121 [GitHub] [ambari] dvitiiuk commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rff71126fa7d9f572baafb9be44078ad409c85d2c0f3e26664f1ef5a2%40%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210122 [GitHub] [ambari] payert commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/re7c4b251b52f49ba6ef752b829bca9565faaf93d03206b1db6644d31%40%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210122 [GitHub] [ambari] payert opened a new pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rad99b06d7360a5cf6e394afb313f8901dcd4cb777aee9c9197b3b23d%40%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210122 [GitHub] [ambari] dvitiiuk commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r0928ee574281f8b6156e0a6d0291bfc27100a9dd3f9b0177ece24ae4%40%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-commits] 20210125 [ambari] branch branch-2.7 updated: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379 (#3279)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rd0fd283e3844b9c54cd5ecc92d966f96d3f4318815bbf3ac41f9c820%40%3Ccommits.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210125 [GitHub] [ambari] payert merged pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r6670a6c29044bcb77d4e5d165b5bd13fffe37b84caa5d6471b13b3a2%40%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-issues] 20210127 [jira] [Resolved] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r984c3b42a500f5a6a89fbee436b9432fada5dc27ebab04910aafe4da%40%3Cissues.ambari.apache.org%3E", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-01-27T10:06:05", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openwall.com/lists/oss-security/2020/06/03/4", }, { tags: [ "x_refsource_MISC", ], url: "https://community.grafana.com/t/grafana-7-0-2-and-6-7-4-security-update/31408", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/", }, { tags: [ "x_refsource_MISC", ], url: "https://community.grafana.com/t/release-notes-v7-0-x/29381", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200608-0006/", }, { name: "[oss-security] 20200609 Re: Grafana 6.7.4 and 7.0.2 released with fix for CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2020/06/09/2", }, { name: "FEDORA-2020-e6e81a03d6", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O2KSCCGKNEENZN3DW7TSPFBBUZH3YZXZ/", }, { name: "FEDORA-2020-a09e5be0be", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEKSZ6GE4EDOFZ23NGYWOCMD6O4JF5SO/", }, { name: "openSUSE-SU-2020:0892", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { tags: [ "x_refsource_MISC", ], url: "https://mostwanted002.cf/post/grafanados/", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/158320/Grafana-7.0.1-Denial-Of-Service.html", }, { name: "openSUSE-SU-2020:1105", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { tags: [ "x_refsource_MISC", ], url: "https://rhynorater.github.io/CVE-2020-13379-Write-Up", }, { name: "[ambari-issues] 20200903 [jira] [Assigned] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/re75f59639f3bc1d14c7ab362bc4485ade84f3c6a3c1a03200c20fe13%40%3Cissues.ambari.apache.org%3E", }, { name: "[ambari-issues] 20200903 [jira] [Created] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r6bb57124a21bb638f552d81650c66684e70fc1ff9f40b6a8840171cd%40%3Cissues.ambari.apache.org%3E", }, { name: "openSUSE-SU-2020:1611", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, { name: "openSUSE-SU-2020:1646", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00017.html", }, { name: "[ambari-issues] 20210121 [jira] [Updated] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r40f0a97b6765de6b8938bc212ee9dfb5101e9efa48bcbbdec02b2a60%40%3Cissues.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210121 [GitHub] [ambari] payert opened a new pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r093b405a49fd31efa0d949ac1a887101af1ca95652a66094194ed933%40%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210121 [GitHub] [ambari] payert commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rba0247a27be78bd14046724098462d058a9969400a82344b3007cf90%40%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210121 [GitHub] [ambari] dvitiiuk commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rff71126fa7d9f572baafb9be44078ad409c85d2c0f3e26664f1ef5a2%40%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210122 [GitHub] [ambari] payert commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/re7c4b251b52f49ba6ef752b829bca9565faaf93d03206b1db6644d31%40%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210122 [GitHub] [ambari] payert opened a new pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rad99b06d7360a5cf6e394afb313f8901dcd4cb777aee9c9197b3b23d%40%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210122 [GitHub] [ambari] dvitiiuk commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r0928ee574281f8b6156e0a6d0291bfc27100a9dd3f9b0177ece24ae4%40%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-commits] 20210125 [ambari] branch branch-2.7 updated: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379 (#3279)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rd0fd283e3844b9c54cd5ecc92d966f96d3f4318815bbf3ac41f9c820%40%3Ccommits.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210125 [GitHub] [ambari] payert merged pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r6670a6c29044bcb77d4e5d165b5bd13fffe37b84caa5d6471b13b3a2%40%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-issues] 20210127 [jira] [Resolved] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r984c3b42a500f5a6a89fbee436b9432fada5dc27ebab04910aafe4da%40%3Cissues.ambari.apache.org%3E", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-13379", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://community.grafana.com/t/release-notes-v6-7-x/27119", refsource: "MISC", url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { name: "http://www.openwall.com/lists/oss-security/2020/06/03/4", refsource: "CONFIRM", url: "http://www.openwall.com/lists/oss-security/2020/06/03/4", }, { name: "https://community.grafana.com/t/grafana-7-0-2-and-6-7-4-security-update/31408", refsource: "MISC", url: "https://community.grafana.com/t/grafana-7-0-2-and-6-7-4-security-update/31408", }, { name: "https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/", refsource: "CONFIRM", url: "https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/", }, { name: "https://community.grafana.com/t/release-notes-v7-0-x/29381", refsource: "MISC", url: "https://community.grafana.com/t/release-notes-v7-0-x/29381", }, { name: "https://security.netapp.com/advisory/ntap-20200608-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200608-0006/", }, { name: "[oss-security] 20200609 Re: Grafana 6.7.4 and 7.0.2 released with fix for CVE-2020-13379", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2020/06/09/2", }, { name: "FEDORA-2020-e6e81a03d6", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O2KSCCGKNEENZN3DW7TSPFBBUZH3YZXZ/", }, { name: "FEDORA-2020-a09e5be0be", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EEKSZ6GE4EDOFZ23NGYWOCMD6O4JF5SO/", }, { name: "openSUSE-SU-2020:0892", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { name: "https://mostwanted002.cf/post/grafanados/", refsource: "MISC", url: "https://mostwanted002.cf/post/grafanados/", }, { name: "http://packetstormsecurity.com/files/158320/Grafana-7.0.1-Denial-Of-Service.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/158320/Grafana-7.0.1-Denial-Of-Service.html", }, { name: "openSUSE-SU-2020:1105", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { name: "https://rhynorater.github.io/CVE-2020-13379-Write-Up", refsource: "MISC", url: "https://rhynorater.github.io/CVE-2020-13379-Write-Up", }, { name: "[ambari-issues] 20200903 [jira] [Assigned] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379", refsource: "MLIST", url: "https://lists.apache.org/thread.html/re75f59639f3bc1d14c7ab362bc4485ade84f3c6a3c1a03200c20fe13@%3Cissues.ambari.apache.org%3E", }, { name: "[ambari-issues] 20200903 [jira] [Created] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r6bb57124a21bb638f552d81650c66684e70fc1ff9f40b6a8840171cd@%3Cissues.ambari.apache.org%3E", }, { name: "openSUSE-SU-2020:1611", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, { name: "openSUSE-SU-2020:1646", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00017.html", }, { name: "[ambari-issues] 20210121 [jira] [Updated] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r40f0a97b6765de6b8938bc212ee9dfb5101e9efa48bcbbdec02b2a60@%3Cissues.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210121 [GitHub] [ambari] payert opened a new pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r093b405a49fd31efa0d949ac1a887101af1ca95652a66094194ed933@%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210121 [GitHub] [ambari] payert commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rba0247a27be78bd14046724098462d058a9969400a82344b3007cf90@%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210121 [GitHub] [ambari] dvitiiuk commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rff71126fa7d9f572baafb9be44078ad409c85d2c0f3e26664f1ef5a2@%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210122 [GitHub] [ambari] payert commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", refsource: "MLIST", url: "https://lists.apache.org/thread.html/re7c4b251b52f49ba6ef752b829bca9565faaf93d03206b1db6644d31@%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210122 [GitHub] [ambari] payert opened a new pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rad99b06d7360a5cf6e394afb313f8901dcd4cb777aee9c9197b3b23d@%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210122 [GitHub] [ambari] dvitiiuk commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r0928ee574281f8b6156e0a6d0291bfc27100a9dd3f9b0177ece24ae4@%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-commits] 20210125 [ambari] branch branch-2.7 updated: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379 (#3279)", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rd0fd283e3844b9c54cd5ecc92d966f96d3f4318815bbf3ac41f9c820@%3Ccommits.ambari.apache.org%3E", }, { name: "[ambari-dev] 20210125 [GitHub] [ambari] payert merged pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r6670a6c29044bcb77d4e5d165b5bd13fffe37b84caa5d6471b13b3a2@%3Cdev.ambari.apache.org%3E", }, { name: "[ambari-issues] 20210127 [jira] [Resolved] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r984c3b42a500f5a6a89fbee436b9432fada5dc27ebab04910aafe4da@%3Cissues.ambari.apache.org%3E", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-13379", datePublished: "2020-06-03T18:41:09", dateReserved: "2020-05-22T00:00:00", dateUpdated: "2024-08-04T12:18:17.618Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27962
Vulnerability from cvelistv5
Published
2021-03-22 13:55
Modified
2024-08-03 21:33
Severity ?
EPSS score ?
Summary
Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://community.grafana.com/t/release-notes-v6-7-x/27119 | x_refsource_MISC | |
| https://community.grafana.com | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2021/03/19/5 | x_refsource_CONFIRM | |
| https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ | x_refsource_CONFIRM | |
| https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 | x_refsource_MISC | |
| https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:33:17.041Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://community.grafana.com", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/03/19/5", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-22T14:35:03", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { tags: [ "x_refsource_MISC", ], url: "https://community.grafana.com", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openwall.com/lists/oss-security/2021/03/19/5", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { tags: [ "x_refsource_MISC", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, ], source: { discovery: "INTERNAL", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-27962", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://community.grafana.com/t/release-notes-v6-7-x/27119", refsource: "MISC", url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { name: "https://community.grafana.com", refsource: "MISC", url: "https://community.grafana.com", }, { name: "http://www.openwall.com/lists/oss-security/2021/03/19/5", refsource: "CONFIRM", url: "http://www.openwall.com/lists/oss-security/2021/03/19/5", }, { name: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", refsource: "CONFIRM", url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { name: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", refsource: "MISC", url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { name: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", refsource: "MISC", url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-27962", datePublished: "2021-03-22T13:55:39", dateReserved: "2021-03-05T00:00:00", dateUpdated: "2024-08-03T21:33:17.041Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-2183
Vulnerability from cvelistv5
Published
2023-06-06 18:04
Modified
2025-02-13 16:40
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability.
The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function.
This might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server.
Users may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Grafana | Grafana |
Version: 8.0.0 ≤ Version: 9.0.0 ≤ Version: 9.3.0 ≤ Version: 9.4.0 ≤ Version: 9.5.0 ≤ |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T06:12:20.655Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://grafana.com/security/security-advisories/cve-2023-2183/", }, { tags: [ "x_transferred", ], url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-cvm3-pp2j-chr3", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230706-0002/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-2183", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-07T16:30:23.268015Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-07T16:30:50.109Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Grafana", vendor: "Grafana", versions: [ { lessThan: "8.5.26", status: "affected", version: "8.0.0", versionType: "semver", }, { lessThan: "9.2.19", status: "affected", version: "9.0.0", versionType: "semver", }, { lessThan: "9.3.15", status: "affected", version: "9.3.0", versionType: "semver", }, { lessThan: "9.4.12", status: "affected", version: "9.4.0", versionType: "semver", }, { lessThan: "9.5.3", status: "affected", version: "9.5.0", versionType: "semver", }, ], }, { product: "Grafana Enterprise", vendor: "Grafana", versions: [ { lessThan: "8.5.26", status: "affected", version: "8.0.0", versionType: "semver", }, { lessThan: "9.2.19", status: "affected", version: "9.0.0", versionType: "semver", }, { lessThan: "9.3.15", status: "affected", version: "9.3.0", versionType: "semver", }, { lessThan: "9.4.12", status: "affected", version: "9.4.0", versionType: "semver", }, { lessThan: "9.5.3", status: "affected", version: "9.5.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Grafana is an open-source platform for monitoring and observability. </p><p>The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function.</p><p>This might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server.</p><p>Users may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix.</p>", }, ], value: "Grafana is an open-source platform for monitoring and observability. \n\nThe option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function.\n\nThis might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server.\n\nUsers may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix.", }, ], impacts: [ { capecId: "CAPEC-180", descriptions: [ { lang: "en", value: "CAPEC-180", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-06T18:06:27.533Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2023-2183/", }, { url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-cvm3-pp2j-chr3", }, { url: "https://security.netapp.com/advisory/ntap-20230706-0002/", }, ], }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2023-2183", datePublished: "2023-06-06T18:04:26.485Z", dateReserved: "2023-04-19T12:11:08.488Z", dateUpdated: "2025-02-13T16:40:15.277Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-43798
Vulnerability from cvelistv5
Published
2021-12-07 18:25
Modified
2024-08-04 04:03
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p | x_refsource_CONFIRM | |
| https://github.com/grafana/grafana/commit/c798c0e958d15d9cc7f27c72113d572fa58545ce | x_refsource_MISC | |
| http://packetstormsecurity.com/files/165198/Grafana-Arbitrary-File-Reading.html | x_refsource_MISC | |
| https://grafana.com/blog/2021/12/08/an-update-on-0day-cve-2021-43798-grafana-directory-traversal/ | x_refsource_CONFIRM | |
| http://packetstormsecurity.com/files/165221/Grafana-8.3.0-Directory-Traversal-Arbitrary-File-Read.html | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2021/12/09/2 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2021/12/10/4 | mailing-list, x_refsource_MLIST | |
| https://security.netapp.com/advisory/ntap-20211229-0004/ | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:03:08.797Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/commit/c798c0e958d15d9cc7f27c72113d572fa58545ce", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/165198/Grafana-Arbitrary-File-Reading.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://grafana.com/blog/2021/12/08/an-update-on-0day-cve-2021-43798-grafana-directory-traversal/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/165221/Grafana-8.3.0-Directory-Traversal-Arbitrary-File-Read.html", }, { name: "[oss-security] 20211209 CVE-2021-43798 Grafana directory traversal", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/09/2", }, { name: "[oss-security] 20211210 CVE-2021-43813 and CVE-2021-43815 - Grafana directory traversal for some .md and .csv files", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211229-0004/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 8.0.0, < 8.0.7", }, { status: "affected", version: ">= 8.1.0, < 8.1.8", }, { status: "affected", version: ">= 8.2.0, < 8.2.7", }, { status: "affected", version: "= 8.3.0", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-29T20:06:36", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/commit/c798c0e958d15d9cc7f27c72113d572fa58545ce", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/165198/Grafana-Arbitrary-File-Reading.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://grafana.com/blog/2021/12/08/an-update-on-0day-cve-2021-43798-grafana-directory-traversal/", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/165221/Grafana-8.3.0-Directory-Traversal-Arbitrary-File-Read.html", }, { name: "[oss-security] 20211209 CVE-2021-43798 Grafana directory traversal", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2021/12/09/2", }, { name: "[oss-security] 20211210 CVE-2021-43813 and CVE-2021-43815 - Grafana directory traversal for some .md and .csv files", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/4", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20211229-0004/", }, ], source: { advisory: "GHSA-8pjx-jj86-j47p", discovery: "UNKNOWN", }, title: "Grafana path traversal", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2021-43798", STATE: "PUBLIC", TITLE: "Grafana path traversal", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "grafana", version: { version_data: [ { version_value: ">= 8.0.0, < 8.0.7", }, { version_value: ">= 8.1.0, < 8.1.8", }, { version_value: ">= 8.2.0, < 8.2.7", }, { version_value: "= 8.3.0", }, ], }, }, ], }, vendor_name: "grafana", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p", }, { name: "https://github.com/grafana/grafana/commit/c798c0e958d15d9cc7f27c72113d572fa58545ce", refsource: "MISC", url: "https://github.com/grafana/grafana/commit/c798c0e958d15d9cc7f27c72113d572fa58545ce", }, { name: "http://packetstormsecurity.com/files/165198/Grafana-Arbitrary-File-Reading.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/165198/Grafana-Arbitrary-File-Reading.html", }, { name: "https://grafana.com/blog/2021/12/08/an-update-on-0day-cve-2021-43798-grafana-directory-traversal/", refsource: "CONFIRM", url: "https://grafana.com/blog/2021/12/08/an-update-on-0day-cve-2021-43798-grafana-directory-traversal/", }, { name: "http://packetstormsecurity.com/files/165221/Grafana-8.3.0-Directory-Traversal-Arbitrary-File-Read.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/165221/Grafana-8.3.0-Directory-Traversal-Arbitrary-File-Read.html", }, { name: "[oss-security] 20211209 CVE-2021-43798 Grafana directory traversal", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2021/12/09/2", }, { name: "[oss-security] 20211210 CVE-2021-43813 and CVE-2021-43815 - Grafana directory traversal for some .md and .csv files", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2021/12/10/4", }, { name: "https://security.netapp.com/advisory/ntap-20211229-0004/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20211229-0004/", }, ], }, source: { advisory: "GHSA-8pjx-jj86-j47p", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-43798", datePublished: "2021-12-07T18:25:10", dateReserved: "2021-11-16T00:00:00", dateUpdated: "2024-08-04T04:03:08.797Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-0507
Vulnerability from cvelistv5
Published
2023-03-01 15:35
Modified
2025-03-07 19:33
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability.
Starting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap.
The stored XSS vulnerability was possible due to map attributions weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance.
An attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript.
This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard.
Users may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Grafana | Grafana |
Version: 8.1.0 ≤ Version: 9.0.0 ≤ Version: 9.3.0 ≤ |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T05:17:49.040Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://grafana.com/security/security-advisories/cve-2023-0507/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230413-0001/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-0507", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-07T19:32:52.241575Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-07T19:33:21.129Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Grafana", vendor: "Grafana", versions: [ { lessThan: "8.5.21", status: "affected", version: "8.1.0", versionType: "semver", }, { lessThan: "9.2.13", status: "affected", version: "9.0.0", versionType: "semver", }, { lessThan: "9.3.8", status: "affected", version: "9.3.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "Grafana Enterprise", vendor: "Grafana", versions: [ { lessThan: "8.5.21", status: "affected", version: "8.1.0", versionType: "semver", }, { lessThan: "9.2.13", status: "affected", version: "9.0.0", versionType: "semver", }, { lessThan: "9.3.8", status: "affected", version: "9.3.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Grafana is an open-source platform for monitoring and observability. </p><p>Starting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. </p><p>The stored XSS vulnerability was possible due to map attributions weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. </p><p>An attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript. </p><p>This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. </p><p>Users may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix. </p>", }, ], value: "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. \n\nThe stored XSS vulnerability was possible due to map attributions weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. \n\nAn attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript. \n\nThis means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \n\nUsers may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix.", }, ], impacts: [ { capecId: "CAPEC-592", descriptions: [ { lang: "en", value: "CAPEC-592", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-13T16:06:25.719Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2023-0507/", }, { url: "https://security.netapp.com/advisory/ntap-20230413-0001/", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2023-0507", datePublished: "2023-03-01T15:35:55.259Z", dateReserved: "2023-01-25T15:05:48.661Z", dateUpdated: "2025-03-07T19:33:21.129Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-21713
Vulnerability from cvelistv5
Published
2022-02-08 20:50
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. `/teams/:teamId` will allow an authenticated attacker to view unintended data by querying for the specific team ID, `/teams/:search` will allow an authenticated attacker to search for teams and see the total number of available teams, including for those teams that the user does not have access to, and `/teams/:teamId/members` when editors_can_admin flag is enabled, an authenticated attacker can see unintended data by querying for the specific team ID. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/ | x_refsource_MISC | |
| https://github.com/grafana/grafana/pull/45083 | x_refsource_MISC | |
| https://github.com/grafana/grafana/security/advisories/GHSA-63g3-9jq3-mccv | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20220303-0005/ | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:53:34.831Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/pull/45083", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-63g3-9jq3-mccv", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220303-0005/", }, { name: "FEDORA-2022-83405f9d5b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { name: "FEDORA-2022-9dd03cab55", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { name: "FEDORA-2022-c5383675d9", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 5.0.0-beta1, < 7.5.15", }, { status: "affected", version: ">= 8.0.0, < 8.3.5", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. `/teams/:teamId` will allow an authenticated attacker to view unintended data by querying for the specific team ID, `/teams/:search` will allow an authenticated attacker to search for teams and see the total number of available teams, including for those teams that the user does not have access to, and `/teams/:teamId/members` when editors_can_admin flag is enabled, an authenticated attacker can see unintended data by querying for the specific team ID. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-863", description: "CWE-863: Incorrect Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-07T07:06:33", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/pull/45083", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-63g3-9jq3-mccv", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220303-0005/", }, { name: "FEDORA-2022-83405f9d5b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { name: "FEDORA-2022-9dd03cab55", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { name: "FEDORA-2022-c5383675d9", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, ], source: { advisory: "GHSA-63g3-9jq3-mccv", discovery: "UNKNOWN", }, title: "Exposure of Sensitive Information in Grafana", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-21713", STATE: "PUBLIC", TITLE: "Exposure of Sensitive Information in Grafana", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "grafana", version: { version_data: [ { version_value: ">= 5.0.0-beta1, < 7.5.15", }, { version_value: ">= 8.0.0, < 8.3.5", }, ], }, }, ], }, vendor_name: "grafana", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. `/teams/:teamId` will allow an authenticated attacker to view unintended data by querying for the specific team ID, `/teams/:search` will allow an authenticated attacker to search for teams and see the total number of available teams, including for those teams that the user does not have access to, and `/teams/:teamId/members` when editors_can_admin flag is enabled, an authenticated attacker can see unintended data by querying for the specific team ID. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-863: Incorrect Authorization", }, ], }, ], }, references: { reference_data: [ { name: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", refsource: "MISC", url: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", }, { name: "https://github.com/grafana/grafana/pull/45083", refsource: "MISC", url: "https://github.com/grafana/grafana/pull/45083", }, { name: "https://github.com/grafana/grafana/security/advisories/GHSA-63g3-9jq3-mccv", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/security/advisories/GHSA-63g3-9jq3-mccv", }, { name: "https://security.netapp.com/advisory/ntap-20220303-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220303-0005/", }, { name: "FEDORA-2022-83405f9d5b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { name: "FEDORA-2022-9dd03cab55", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { name: "FEDORA-2022-c5383675d9", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, ], }, source: { advisory: "GHSA-63g3-9jq3-mccv", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-21713", datePublished: "2022-02-08T20:50:17", dateReserved: "2021-11-16T00:00:00", dateUpdated: "2024-08-03T02:53:34.831Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-31097
Vulnerability from cvelistv5
Published
2022-07-15 12:10
Modified
2024-08-03 07:11
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f | x_refsource_CONFIRM | |
| https://grafana.com/docs/grafana/latest/release-notes/release-notes-9-0-3/ | x_refsource_MISC | |
| https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/ | x_refsource_MISC | |
| https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-5-9/ | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220901-0010/ | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:11:38.469Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-9-0-3/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-5-9/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220901-0010/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 9.0.0, < 9.0.3", }, { status: "affected", version: ">= 8.5.0, < 8.5.9", }, { status: "affected", version: ">= 8.4.0, < 8.4.10", }, { status: "affected", version: ">= 8.0.0, < 8.3.10", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-01T13:06:34", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-9-0-3/", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-5-9/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220901-0010/", }, ], source: { advisory: "GHSA-vw7q-p2qg-4m5f", discovery: "UNKNOWN", }, title: "Stored XSS in Grafana's Unified Alerting", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-31097", STATE: "PUBLIC", TITLE: "Stored XSS in Grafana's Unified Alerting", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "grafana", version: { version_data: [ { version_value: ">= 9.0.0, < 9.0.3", }, { version_value: ">= 8.5.0, < 8.5.9", }, { version_value: ">= 8.4.0, < 8.4.10", }, { version_value: ">= 8.0.0, < 8.3.10", }, ], }, }, ], }, vendor_name: "grafana", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f", }, { name: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-9-0-3/", refsource: "MISC", url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-9-0-3/", }, { name: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/", refsource: "MISC", url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/", }, { name: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-5-9/", refsource: "MISC", url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-5-9/", }, { name: "https://security.netapp.com/advisory/ntap-20220901-0010/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220901-0010/", }, ], }, source: { advisory: "GHSA-vw7q-p2qg-4m5f", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-31097", datePublished: "2022-07-15T12:10:10", dateReserved: "2022-05-18T00:00:00", dateUpdated: "2024-08-03T07:11:38.469Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26148
Vulnerability from cvelistv5
Published
2022-03-21 19:51
Modified
2024-08-03 04:56
Severity ?
EPSS score ?
Summary
An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in api_jsonrpc.php to discover the Zabbix account password and URL address.
References
| ▼ | URL | Tags |
|---|---|---|
| https://2k8.org/post-319.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220425-0005/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:56:37.936Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://2k8.org/post-319.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220425-0005/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in api_jsonrpc.php to discover the Zabbix account password and URL address.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-25T20:07:54", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://2k8.org/post-319.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220425-0005/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-26148", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in api_jsonrpc.php to discover the Zabbix account password and URL address.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://2k8.org/post-319.html", refsource: "MISC", url: "https://2k8.org/post-319.html", }, { name: "https://security.netapp.com/advisory/ntap-20220425-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220425-0005/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-26148", datePublished: "2022-03-21T19:51:27", dateReserved: "2022-02-26T00:00:00", dateUpdated: "2024-08-03T04:56:37.936Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-19499
Vulnerability from cvelistv5
Published
2020-08-28 14:49
Modified
2024-08-05 02:16
Severity ?
EPSS score ?
Summary
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.
References
| ▼ | URL | Tags |
|---|---|---|
| https://swarm.ptsecurity.com/grafana-6-4-3-arbitrary-file-read/ | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20200918-0003/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T02:16:47.971Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://swarm.ptsecurity.com/grafana-6-4-3-arbitrary-file-read/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200918-0003/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-08-27T00:00:00", descriptions: [ { lang: "en", value: "Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-18T11:06:16", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://swarm.ptsecurity.com/grafana-6-4-3-arbitrary-file-read/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200918-0003/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-19499", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://swarm.ptsecurity.com/grafana-6-4-3-arbitrary-file-read/", refsource: "MISC", url: "https://swarm.ptsecurity.com/grafana-6-4-3-arbitrary-file-read/", }, { name: "https://security.netapp.com/advisory/ntap-20200918-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200918-0003/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-19499", datePublished: "2020-08-28T14:49:46", dateReserved: "2019-12-02T00:00:00", dateUpdated: "2024-08-05T02:16:47.971Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-4822
Vulnerability from cvelistv5
Published
2023-10-16 08:45
Modified
2025-02-13 17:18
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer, Organization Editor and Organization Admin roles in all organizations.
It also allows an Organization Admin to assign or revoke any permissions that they have to any user globally.
This means that any Organization Admin can elevate their own permissions in any organization that they are already a member of, or elevate or restrict the permissions of any other user.
The vulnerability does not allow a user to become a member of an organization that they are not already a member of, or to add any other users to an organization that the current user is not a member of.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Grafana | Grafana Enterprise |
Version: 8.0.0 ≤ Version: 9.5.0 ≤ Version: 10.0.0 ≤ Version: 10.1.0 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T07:38:00.740Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://grafana.com/security/security-advisories/cve-2023-4822", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20231103-0008/", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "grafana_enterprise", vendor: "grafana", versions: [ { lessThan: "9.4.16", status: "affected", version: "8.0.0", versionType: "semver", }, { lessThan: "9.5.11", status: "affected", version: "9.5.0", versionType: "semver", }, { lessThan: "10.0.7", status: "affected", version: "10.0.0", versionType: "semver", }, { lessThan: "10.1.3", status: "affected", version: "10.1.0", versionType: "semver", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-4822", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-16T18:09:06.701494Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269 Improper Privilege Management", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-16T18:14:33.231Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Grafana Enterprise", vendor: "Grafana", versions: [ { lessThan: "9.4.16", status: "affected", version: "8.0.0", versionType: "semver", }, { lessThan: "9.5.11", status: "affected", version: "9.5.0", versionType: "semver", }, { lessThan: "10.0.7", status: "affected", version: "10.0.0", versionType: "semver", }, { lessThan: "10.1.3", status: "affected", version: "10.1.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Grafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer, Organization Editor and Organization Admin roles in all organizations.</p><p>It also allows an Organization Admin to assign or revoke any permissions that they have to any user globally.</p><p>This means that any Organization Admin can elevate their own permissions in any organization that they are already a member of, or elevate or restrict the permissions of any other user.</p><p>The vulnerability does not allow a user to become a member of an organization that they are not already a member of, or to add any other users to an organization that the current user is not a member of.</p>", }, ], value: "Grafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer, Organization Editor and Organization Admin roles in all organizations.\n\nIt also allows an Organization Admin to assign or revoke any permissions that they have to any user globally.\n\nThis means that any Organization Admin can elevate their own permissions in any organization that they are already a member of, or elevate or restrict the permissions of any other user.\n\nThe vulnerability does not allow a user to become a member of an organization that they are not already a member of, or to add any other users to an organization that the current user is not a member of.", }, ], impacts: [ { capecId: "CAPEC-233", descriptions: [ { lang: "en", value: "CAPEC-233", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-04T05:07:07.679Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2023-4822", }, { url: "https://security.netapp.com/advisory/ntap-20231103-0008/", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2023-4822", datePublished: "2023-10-16T08:45:59.756Z", dateReserved: "2023-09-07T15:53:30.740Z", dateUpdated: "2025-02-13T17:18:11.628Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-43815
Vulnerability from cvelistv5
Published
2021-12-10 20:40
Modified
2024-08-04 04:03
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Versions 8.3.2 and 7.5.12 contain a patch for this issue. There is a workaround available for users who cannot upgrade. Running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d | x_refsource_MISC | |
| https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/ | x_refsource_MISC | |
| https://github.com/grafana/grafana/security/advisories/GHSA-7533-c8qv-jm9m | x_refsource_CONFIRM | |
| https://github.com/grafana/grafana/commit/d6ec6f8ad28f0212e584406730f939105ff6c6d3 | x_refsource_MISC | |
| https://github.com/grafana/grafana/releases/tag/v8.3.2 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2021/12/10/4 | mailing-list, x_refsource_MLIST | |
| https://security.netapp.com/advisory/ntap-20220107-0006/ | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:03:08.839Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-7533-c8qv-jm9m", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/commit/d6ec6f8ad28f0212e584406730f939105ff6c6d3", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/releases/tag/v8.3.2", }, { name: "[oss-security] 20211210 CVE-2021-43813 and CVE-2021-43815 - Grafana directory traversal for some .md and .csv files", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220107-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 8.0.0-beta3, < 8.3.2", }, { status: "affected", version: ">= 5.0.0, < 7.5.12", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Versions 8.3.2 and 7.5.12 contain a patch for this issue. There is a workaround available for users who cannot upgrade. Running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-07T12:06:29", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-7533-c8qv-jm9m", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/commit/d6ec6f8ad28f0212e584406730f939105ff6c6d3", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/releases/tag/v8.3.2", }, { name: "[oss-security] 20211210 CVE-2021-43813 and CVE-2021-43815 - Grafana directory traversal for some .md and .csv files", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/4", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220107-0006/", }, ], source: { advisory: "GHSA-7533-c8qv-jm9m", discovery: "UNKNOWN", }, title: "Grafana directory traversal for `.cvs` files", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2021-43815", STATE: "PUBLIC", TITLE: "Grafana directory traversal for `.cvs` files", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "grafana", version: { version_data: [ { version_value: ">= 8.0.0-beta3, < 8.3.2", }, { version_value: ">= 5.0.0, < 7.5.12", }, ], }, }, ], }, vendor_name: "grafana", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Versions 8.3.2 and 7.5.12 contain a patch for this issue. There is a workaround available for users who cannot upgrade. Running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d", refsource: "MISC", url: "https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d", }, { name: "https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/", refsource: "MISC", url: "https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/", }, { name: "https://github.com/grafana/grafana/security/advisories/GHSA-7533-c8qv-jm9m", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/security/advisories/GHSA-7533-c8qv-jm9m", }, { name: "https://github.com/grafana/grafana/commit/d6ec6f8ad28f0212e584406730f939105ff6c6d3", refsource: "MISC", url: "https://github.com/grafana/grafana/commit/d6ec6f8ad28f0212e584406730f939105ff6c6d3", }, { name: "https://github.com/grafana/grafana/releases/tag/v8.3.2", refsource: "MISC", url: "https://github.com/grafana/grafana/releases/tag/v8.3.2", }, { name: "[oss-security] 20211210 CVE-2021-43813 and CVE-2021-43815 - Grafana directory traversal for some .md and .csv files", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2021/12/10/4", }, { name: "https://security.netapp.com/advisory/ntap-20220107-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220107-0006/", }, ], }, source: { advisory: "GHSA-7533-c8qv-jm9m", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-43815", datePublished: "2021-12-10T20:40:11", dateReserved: "2021-11-16T00:00:00", dateUpdated: "2024-08-04T04:03:08.839Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-23552
Vulnerability from cvelistv5
Published
2023-01-27 22:59
Modified
2024-08-03 03:43
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because SVG files weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance.
An attacker needs to have the Editor role in order to change a panel to include either an external URL to a SVG-file containing JavaScript, or use the `data:` scheme to load an inline SVG-file containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard.
Users may upgrade to version 8.5.16, 9.2.10, or 9.3.4 to receive a fix.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/security/advisories/GHSA-8xmm-x63g-f6xv | x_refsource_CONFIRM | |
| https://github.com/grafana/grafana/pull/62143 | x_refsource_MISC | |
| https://github.com/grafana/grafana/commit/1c8a50b36973bd59a1cc5f34c30de8a9a6a431f0 | x_refsource_MISC | |
| https://github.com/grafana/grafana/commit/8b574e22b53aa4c5a35032a58844fd4aaaa12f5f | x_refsource_MISC | |
| https://github.com/grafana/grafana/commit/c022534e3848a5d45c0b3face23b43aa44e4400a | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:43:46.570Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://security.netapp.com/advisory/ntap-20230302-0008/", }, { name: "https://github.com/grafana/grafana/security/advisories/GHSA-8xmm-x63g-f6xv", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-8xmm-x63g-f6xv", }, { name: "https://github.com/grafana/grafana/pull/62143", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/pull/62143", }, { name: "https://github.com/grafana/grafana/commit/1c8a50b36973bd59a1cc5f34c30de8a9a6a431f0", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/commit/1c8a50b36973bd59a1cc5f34c30de8a9a6a431f0", }, { name: "https://github.com/grafana/grafana/commit/8b574e22b53aa4c5a35032a58844fd4aaaa12f5f", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/commit/8b574e22b53aa4c5a35032a58844fd4aaaa12f5f", }, { name: "https://github.com/grafana/grafana/commit/c022534e3848a5d45c0b3face23b43aa44e4400a", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/commit/c022534e3848a5d45c0b3face23b43aa44e4400a", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-23552", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-01T14:04:19.237399Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-01T14:04:27.841Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 9.0, < 9.2.10", }, { status: "affected", version: ">= 9.3, < 9.3.4", }, { status: "affected", version: ">= 8.1, < 8.5.16", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because SVG files weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. \n\nAn attacker needs to have the Editor role in order to change a panel to include either an external URL to a SVG-file containing JavaScript, or use the `data:` scheme to load an inline SVG-file containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \n\nUsers may upgrade to version 8.5.16, 9.2.10, or 9.3.4 to receive a fix.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-27T22:59:16.675Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/grafana/grafana/security/advisories/GHSA-8xmm-x63g-f6xv", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-8xmm-x63g-f6xv", }, { name: "https://github.com/grafana/grafana/pull/62143", tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/pull/62143", }, { name: "https://github.com/grafana/grafana/commit/1c8a50b36973bd59a1cc5f34c30de8a9a6a431f0", tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/commit/1c8a50b36973bd59a1cc5f34c30de8a9a6a431f0", }, { name: "https://github.com/grafana/grafana/commit/8b574e22b53aa4c5a35032a58844fd4aaaa12f5f", tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/commit/8b574e22b53aa4c5a35032a58844fd4aaaa12f5f", }, { name: "https://github.com/grafana/grafana/commit/c022534e3848a5d45c0b3face23b43aa44e4400a", tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/commit/c022534e3848a5d45c0b3face23b43aa44e4400a", }, ], source: { advisory: "GHSA-8xmm-x63g-f6xv", discovery: "UNKNOWN", }, title: "Grafana stored XSS in FileUploader component ", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-23552", datePublished: "2023-01-27T22:59:16.675Z", dateReserved: "2022-01-19T21:23:53.801Z", dateUpdated: "2024-08-03T03:43:46.570Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-12459
Vulnerability from cvelistv5
Published
2020-04-29 15:56
Modified
2024-08-04 11:56
Severity ?
EPSS score ?
Summary
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/issues/8283 | x_refsource_MISC | |
| https://access.redhat.com/security/cve/CVE-2020-12459 | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1829724 | x_refsource_CONFIRM | |
| https://src.fedoraproject.org/rpms/grafana/c/fab93d67363eb0a9678d9faf160cc88237f26277 | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/ | vendor-advisory, x_refsource_FEDORA | |
| https://security.netapp.com/advisory/ntap-20200518-0004/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:56:52.069Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/issues/8283", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2020-12459", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1829724", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://src.fedoraproject.org/rpms/grafana/c/fab93d67363eb0a9678d9faf160cc88237f26277", }, { name: "FEDORA-2020-d109a1d1d9", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/", }, { name: "FEDORA-2020-c6b0c7ebbb", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200518-0004/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-18T04:06:10", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/issues/8283", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/security/cve/CVE-2020-12459", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1829724", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://src.fedoraproject.org/rpms/grafana/c/fab93d67363eb0a9678d9faf160cc88237f26277", }, { name: "FEDORA-2020-d109a1d1d9", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/", }, { name: "FEDORA-2020-c6b0c7ebbb", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200518-0004/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-12459", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/issues/8283", refsource: "MISC", url: "https://github.com/grafana/grafana/issues/8283", }, { name: "https://access.redhat.com/security/cve/CVE-2020-12459", refsource: "CONFIRM", url: "https://access.redhat.com/security/cve/CVE-2020-12459", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1829724", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1829724", }, { name: "https://src.fedoraproject.org/rpms/grafana/c/fab93d67363eb0a9678d9faf160cc88237f26277", refsource: "CONFIRM", url: "https://src.fedoraproject.org/rpms/grafana/c/fab93d67363eb0a9678d9faf160cc88237f26277", }, { name: "FEDORA-2020-d109a1d1d9", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/", }, { name: "FEDORA-2020-c6b0c7ebbb", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/", }, { name: "https://security.netapp.com/advisory/ntap-20200518-0004/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200518-0004/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-12459", datePublished: "2020-04-29T15:56:56", dateReserved: "2020-04-29T00:00:00", dateUpdated: "2024-08-04T11:56:52.069Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-6152
Vulnerability from cvelistv5
Published
2024-02-13 21:38
Modified
2025-02-15 00:10
Severity ?
EPSS score ?
Summary
A user changing their email after signing up and verifying it can change it without verification in profile settings.
The configuration option "verify_email_enabled" will only validate email only on sign up.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Grafana | Grafana |
Version: 2.5.0 ≤ Version: 10.0.0 ≤ Version: 10.1.0 ≤ Version: 10.2.0 ≤ Version: 10.3.0 ≤ |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2025-02-15T00:10:28.890Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://grafana.com/security/security-advisories/cve-2023-6152/", }, { tags: [ "x_transferred", ], url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f", }, { url: "https://security.netapp.com/advisory/ntap-20250214-0008/", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "grafana", vendor: "grafana", versions: [ { lessThan: "9.5.16", status: "affected", version: "2.5.0", versionType: "custom", }, { lessThan: "10.0.11", status: "affected", version: "10.0.0", versionType: "custom", }, { lessThan: "10.1.7", status: "affected", version: "10.10", versionType: "custom", }, { lessThan: "10.2.4", status: "affected", version: "10.2.0", versionType: "custom", }, { lessThan: "10.3.3", status: "affected", version: "10.3.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "grafana_enterprise", vendor: "grafana", versions: [ { lessThan: "9.5.16", status: "affected", version: "2.5.0", versionType: "custom", }, { lessThan: "10.0.11", status: "affected", version: "10.0.0", versionType: "custom", }, { lessThan: "10.1.7", status: "affected", version: "10.10", versionType: "custom", }, { lessThan: "10.2.4", status: "affected", version: "10.2.0", versionType: "custom", }, { lessThan: "10.3.3", status: "affected", version: "10.3.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-6152", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-22T15:42:45.786092Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-22T15:51:56.870Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Grafana", vendor: "Grafana", versions: [ { lessThan: "9.5.16", status: "affected", version: "2.5.0", versionType: "semver", }, { lessThan: "10.0.11", status: "affected", version: "10.0.0", versionType: "semver", }, { lessThan: "10.1.7", status: "affected", version: "10.1.0", versionType: "semver", }, { lessThan: "10.2.4", status: "affected", version: "10.2.0", versionType: "semver", }, { lessThan: "10.3.3", status: "affected", version: "10.3.0", versionType: "semver", }, ], }, { product: "Grafana Enterprise", vendor: "Grafana", versions: [ { lessThan: "9.5.16", status: "affected", version: "2.5.0", versionType: "semver", }, { lessThan: "10.0.11", status: "affected", version: "10.0.0", versionType: "semver", }, { lessThan: "10.1.7", status: "affected", version: "10.1.0", versionType: "semver", }, { lessThan: "10.2.4", status: "affected", version: "10.2.0", versionType: "semver", }, { lessThan: "10.3.3", status: "affected", version: "10.3.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>A user changing their email after signing up and verifying it can change it without verification in profile settings.</p><p>The configuration option \"verify_email_enabled\" will only validate email only on sign up.</p>", }, ], value: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n", }, ], impacts: [ { capecId: "CAPEC-115", descriptions: [ { lang: "en", value: "CAPEC-115", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-863", description: "CWE-863", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-13T21:38:01.404Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2023-6152/", }, { url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f", }, ], }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2023-6152", datePublished: "2024-02-13T21:38:01.404Z", dateReserved: "2023-11-15T12:44:28.824Z", dateUpdated: "2025-02-15T00:10:28.890Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-10452
Vulnerability from cvelistv5
Published
2024-10-29 15:16
Modified
2024-10-29 15:35
Severity ?
EPSS score ?
Summary
Organization admins can delete pending invites created in an organization they are not part of.
References
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-10452", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-29T15:35:24.824806Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-29T15:35:35.167Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Grafana", vendor: "Grafana", versions: [ { status: "affected", version: "10.4.0", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Organization admins can delete pending invites created in an organization they are not part of.", }, ], value: "Organization admins can delete pending invites created in an organization they are not part of.", }, ], impacts: [ { capecId: "CAPEC-109", descriptions: [ { lang: "en", value: "CAPEC-109 Object Relational Mapping Injection", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 2.2, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-639", description: "CWE-639 Authorization Bypass Through User-Controlled Key", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-29T15:16:22.405Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2024-10452", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2024-10452", datePublished: "2024-10-29T15:16:22.405Z", dateReserved: "2024-10-28T09:08:31.193Z", dateUpdated: "2024-10-29T15:35:35.167Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-36062
Vulnerability from cvelistv5
Published
2022-09-22 00:00
Modified
2024-08-03 09:52
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. In versions prior to 8.5.13, 9.0.9, and 9.1.6, Grafana is subject to Improper Preservation of Permissions resulting in privilege escalation on some folders where Admin is the only used permission. The vulnerability impacts Grafana instances where RBAC was disabled and enabled afterwards, as the migrations which are translating legacy folder permissions to RBAC permissions do not account for the scenario where the only user permission in the folder is Admin, as a result RBAC adds permissions for Editors and Viewers which allow them to edit and view folders accordingly. This issue has been patched in versions 8.5.13, 9.0.9, and 9.1.6. A workaround when the impacted folder/dashboard is known is to remove the additional permissions manually.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:52:00.539Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-p978-56hq-r492", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20221215-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: "< 8.5.13", }, { status: "affected", version: ">= 9.0.0, < 9.0.9", }, { status: "affected", version: ">= 9.1.0, < 9.1.6", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. In versions prior to 8.5.13, 9.0.9, and 9.1.6, Grafana is subject to Improper Preservation of Permissions resulting in privilege escalation on some folders where Admin is the only used permission. The vulnerability impacts Grafana instances where RBAC was disabled and enabled afterwards, as the migrations which are translating legacy folder permissions to RBAC permissions do not account for the scenario where the only user permission in the folder is Admin, as a result RBAC adds permissions for Editors and Viewers which allow them to edit and view folders accordingly. This issue has been patched in versions 8.5.13, 9.0.9, and 9.1.6. A workaround when the impacted folder/dashboard is known is to remove the additional permissions manually.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-281", description: "CWE-281: Improper Preservation of Permissions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-15T00:00:00", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/grafana/grafana/security/advisories/GHSA-p978-56hq-r492", }, { url: "https://security.netapp.com/advisory/ntap-20221215-0001/", }, ], source: { advisory: "GHSA-p978-56hq-r492", discovery: "UNKNOWN", }, title: "Grafana folders admin only permission privilege escalation", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-36062", datePublished: "2022-09-22T00:00:00", dateReserved: "2022-07-15T00:00:00", dateUpdated: "2024-08-03T09:52:00.539Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-23498
Vulnerability from cvelistv5
Published
2023-02-03 21:34
Modified
2025-03-05 19:27
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including `grafana_session`. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the vulnerability you can disable datasource query caching for all datasources. This issue has been patched in versions 9.2.10 and 9.3.4.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:43:46.002Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://security.netapp.com/advisory/ntap-20230309-0007/", }, { name: "https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-23498", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:42:19.487478Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T19:27:24.444Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 8.3.0-beta1, < 9.2.10", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including `grafana_session`. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the vulnerability you can disable datasource query caching for all datasources. This issue has been patched in versions 9.2.10 and 9.3.4.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-03T21:34:58.677Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8", }, ], source: { advisory: "GHSA-2j8f-6whh-frc8", discovery: "UNKNOWN", }, title: "When query caching is enabled in Grafana users can query another users session", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-23498", datePublished: "2023-02-03T21:34:58.677Z", dateReserved: "2022-01-19T21:23:53.768Z", dateUpdated: "2025-03-05T19:27:24.444Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-28660
Vulnerability from cvelistv5
Published
2022-05-20 14:32
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require authentication when X-Scope-OrgID is used. Versions 1.2.1, 1.3.1, and 1.4.0 contain the bugfix. This affects -auth.type=enterprise in microservices mode
References
| ▼ | URL | Tags |
|---|---|---|
| https://grafana.com/docs/enterprise-logs/latest/gel-releases/#v121----may-3-2022 | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20220707-0004/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:56:16.454Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://grafana.com/docs/enterprise-logs/latest/gel-releases/#v121----may-3-2022", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220707-0004/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require authentication when X-Scope-OrgID is used. Versions 1.2.1, 1.3.1, and 1.4.0 contain the bugfix. This affects -auth.type=enterprise in microservices mode", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-07T14:07:46", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://grafana.com/docs/enterprise-logs/latest/gel-releases/#v121----may-3-2022", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220707-0004/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-28660", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require authentication when X-Scope-OrgID is used. Versions 1.2.1, 1.3.1, and 1.4.0 contain the bugfix. This affects -auth.type=enterprise in microservices mode", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://grafana.com/docs/enterprise-logs/latest/gel-releases/#v121----may-3-2022", refsource: "CONFIRM", url: "https://grafana.com/docs/enterprise-logs/latest/gel-releases/#v121----may-3-2022", }, { name: "https://security.netapp.com/advisory/ntap-20220707-0004/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220707-0004/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-28660", datePublished: "2022-05-20T14:32:17", dateReserved: "2022-04-05T00:00:00", dateUpdated: "2024-08-03T05:56:16.454Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-24812
Vulnerability from cvelistv5
Published
2022-04-12 17:00
Modified
2024-08-03 04:20
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. When fine-grained access control is enabled and a client uses Grafana API Key to make requests, the permissions for that API Key are cached for 30 seconds for the given organization. Because of the way the cache ID is constructed, the consequent requests with any API Key evaluate to the same permissions as the previous requests. This can lead to an escalation of privileges, when for example a first request is made with Admin permissions, and the second request with different API Key is made with Viewer permissions, the second request will get the cached permissions from the previous Admin, essentially accessing higher privilege than it should. The vulnerability is only impacting Grafana Enterprise when the fine-grained access control beta feature is enabled and there are more than one API Keys in one organization with different roles assigned. All installations after Grafana Enterprise v8.1.0-beta1 should be upgraded as soon as possible. As an alternative, disable fine-grained access control will mitigate the vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/security/advisories/GHSA-82gq-xfg3-5j7v | x_refsource_CONFIRM | |
| https://grafana.com/blog/2022/04/12/grafana-enterprise-8.4.6-released-with-high-severity-security-fix/ | x_refsource_MISC | |
| https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-4-6/ | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220519-0005/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:20:50.621Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-82gq-xfg3-5j7v", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/blog/2022/04/12/grafana-enterprise-8.4.6-released-with-high-severity-security-fix/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-4-6/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220519-0005/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: " >= 8.1.0-beta1, < 8.4.6", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. When fine-grained access control is enabled and a client uses Grafana API Key to make requests, the permissions for that API Key are cached for 30 seconds for the given organization. Because of the way the cache ID is constructed, the consequent requests with any API Key evaluate to the same permissions as the previous requests. This can lead to an escalation of privileges, when for example a first request is made with Admin permissions, and the second request with different API Key is made with Viewer permissions, the second request will get the cached permissions from the previous Admin, essentially accessing higher privilege than it should. The vulnerability is only impacting Grafana Enterprise when the fine-grained access control beta feature is enabled and there are more than one API Keys in one organization with different roles assigned. All installations after Grafana Enterprise v8.1.0-beta1 should be upgraded as soon as possible. As an alternative, disable fine-grained access control will mitigate the vulnerability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269: Improper Privilege Management", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-19T19:06:25", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-82gq-xfg3-5j7v", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/blog/2022/04/12/grafana-enterprise-8.4.6-released-with-high-severity-security-fix/", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-4-6/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220519-0005/", }, ], source: { advisory: "GHSA-82gq-xfg3-5j7v", discovery: "UNKNOWN", }, title: "FGAC API Key privilege escalation in Grafana", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-24812", STATE: "PUBLIC", TITLE: "FGAC API Key privilege escalation in Grafana", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "grafana", version: { version_data: [ { version_value: " >= 8.1.0-beta1, < 8.4.6", }, ], }, }, ], }, vendor_name: "grafana", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana is an open-source platform for monitoring and observability. When fine-grained access control is enabled and a client uses Grafana API Key to make requests, the permissions for that API Key are cached for 30 seconds for the given organization. Because of the way the cache ID is constructed, the consequent requests with any API Key evaluate to the same permissions as the previous requests. This can lead to an escalation of privileges, when for example a first request is made with Admin permissions, and the second request with different API Key is made with Viewer permissions, the second request will get the cached permissions from the previous Admin, essentially accessing higher privilege than it should. The vulnerability is only impacting Grafana Enterprise when the fine-grained access control beta feature is enabled and there are more than one API Keys in one organization with different roles assigned. All installations after Grafana Enterprise v8.1.0-beta1 should be upgraded as soon as possible. As an alternative, disable fine-grained access control will mitigate the vulnerability.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-269: Improper Privilege Management", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/security/advisories/GHSA-82gq-xfg3-5j7v", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/security/advisories/GHSA-82gq-xfg3-5j7v", }, { name: "https://grafana.com/blog/2022/04/12/grafana-enterprise-8.4.6-released-with-high-severity-security-fix/", refsource: "MISC", url: "https://grafana.com/blog/2022/04/12/grafana-enterprise-8.4.6-released-with-high-severity-security-fix/", }, { name: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-4-6/", refsource: "MISC", url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-4-6/", }, { name: "https://security.netapp.com/advisory/ntap-20220519-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220519-0005/", }, ], }, source: { advisory: "GHSA-82gq-xfg3-5j7v", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-24812", datePublished: "2022-04-12T17:00:19", dateReserved: "2022-02-10T00:00:00", dateUpdated: "2024-08-03T04:20:50.621Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-12245
Vulnerability from cvelistv5
Published
2020-04-24 20:24
Modified
2024-08-04 11:48
Severity ?
EPSS score ?
Summary
Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/blob/master/CHANGELOG.md#673-2020-04-23 | x_refsource_MISC | |
| https://community.grafana.com/t/release-notes-v6-7-x/27119 | x_refsource_MISC | |
| https://github.com/grafana/grafana/pull/23816 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20200511-0001/ | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00017.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:48:58.631Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#673-2020-04-23", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/pull/23816", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200511-0001/", }, { name: "openSUSE-SU-2020:0892", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { name: "openSUSE-SU-2020:1105", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { name: "openSUSE-SU-2020:1611", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, { name: "openSUSE-SU-2020:1646", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00017.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-10T17:06:16", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#673-2020-04-23", }, { tags: [ "x_refsource_MISC", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/pull/23816", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200511-0001/", }, { name: "openSUSE-SU-2020:0892", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { name: "openSUSE-SU-2020:1105", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { name: "openSUSE-SU-2020:1611", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, { name: "openSUSE-SU-2020:1646", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00017.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-12245", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#673-2020-04-23", refsource: "MISC", url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#673-2020-04-23", }, { name: "https://community.grafana.com/t/release-notes-v6-7-x/27119", refsource: "MISC", url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { name: "https://github.com/grafana/grafana/pull/23816", refsource: "MISC", url: "https://github.com/grafana/grafana/pull/23816", }, { name: "https://security.netapp.com/advisory/ntap-20200511-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200511-0001/", }, { name: "openSUSE-SU-2020:0892", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { name: "openSUSE-SU-2020:1105", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { name: "openSUSE-SU-2020:1611", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, { name: "openSUSE-SU-2020:1646", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00017.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-12245", datePublished: "2020-04-24T20:24:48", dateReserved: "2020-04-24T00:00:00", dateUpdated: "2024-08-04T11:48:58.631Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-13068
Vulnerability from cvelistv5
Published
2019-06-29 00:00
Modified
2024-08-04 23:41
Severity ?
EPSS score ?
Summary
public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5 allows HTML Injection in panel drilldown links (via the Title or url field).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:41:10.471Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/issues/17718", }, { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/releases/tag/v6.2.5", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190710-0001/", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/171500/Grafana-6.2.4-HTML-Injection.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5 allows HTML Injection in panel drilldown links (via the Title or url field).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-27T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/grafana/grafana/issues/17718", }, { url: "https://github.com/grafana/grafana/releases/tag/v6.2.5", }, { url: "https://security.netapp.com/advisory/ntap-20190710-0001/", }, { url: "http://packetstormsecurity.com/files/171500/Grafana-6.2.4-HTML-Injection.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-13068", datePublished: "2019-06-29T00:00:00", dateReserved: "2019-06-29T00:00:00", dateUpdated: "2024-08-04T23:41:10.471Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-1313
Vulnerability from cvelistv5
Published
2024-03-26 17:24
Modified
2025-02-13 17:27
Severity ?
EPSS score ?
Summary
It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/<key> using its view key. This functionality is intended to only be available to individuals with the permission to write/edit to the snapshot in question, but due to a bug in the authorization logic, deletion requests issued by an unprivileged user in a different organization than the snapshot owner are treated as authorized.
Grafana Labs would like to thank Ravid Mazon and Jay Chen of Palo
Alto Research for discovering and disclosing this vulnerability.
This issue affects Grafana: from 9.5.0 before 9.5.18, from 10.0.0 before 10.0.13, from 10.1.0 before 10.1.9, from 10.2.0 before 10.2.6, from 10.3.0 before 10.3.5.
References
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-1313", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-10T20:46:01.440788Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-10T20:46:07.773Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T18:33:25.596Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://grafana.com/security/security-advisories/cve-2024-1313/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240524-0008/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "Linux", ], product: "Grafana", repo: "https://github.com/grafana/grafana", vendor: "Grafana", versions: [ { lessThan: "9.5.18", status: "affected", version: "9.5.0", versionType: "semver", }, { lessThan: "10.0.13", status: "affected", version: "10.0.0", versionType: "semver", }, { lessThan: "10.1.9", status: "affected", version: "10.1.0", versionType: "semver", }, { lessThan: "10.2.6", status: "affected", version: "10.2.0", versionType: "semver", }, { lessThan: "10.3.5", status: "affected", version: "10.3.0", versionType: "semver", }, { status: "unaffected", version: "10.4.0", }, ], }, ], configurations: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "To be exposed to this issue, a grafana instance must be configured with multiple organizations and have the snapshots feature turned on.<br>", }, ], value: "To be exposed to this issue, a grafana instance must be configured with multiple organizations and have the snapshots feature turned on.", }, ], credits: [ { lang: "en", type: "finder", value: "Ravid Mazon", }, { lang: "en", type: "finder", value: "Jay Chen", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/<key> using its view key. This functionality is intended to only be available to individuals with the permission to write/edit to the snapshot in question, but due to a bug in the authorization logic, deletion requests issued by an unprivileged user in a different organization than the snapshot owner are treated as authorized.<br><p><br>Grafana Labs would like to thank Ravid Mazon and Jay Chen of Palo \nAlto Research for discovering and disclosing this vulnerability.<br><br>This issue affects Grafana: from 9.5.0 before 9.5.18, from 10.0.0 before 10.0.13, from 10.1.0 before 10.1.9, from 10.2.0 before 10.2.6, from 10.3.0 before 10.3.5.<br><br></p>", }, ], value: "It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/<key> using its view key. This functionality is intended to only be available to individuals with the permission to write/edit to the snapshot in question, but due to a bug in the authorization logic, deletion requests issued by an unprivileged user in a different organization than the snapshot owner are treated as authorized.\n\nGrafana Labs would like to thank Ravid Mazon and Jay Chen of Palo \nAlto Research for discovering and disclosing this vulnerability.\n\nThis issue affects Grafana: from 9.5.0 before 9.5.18, from 10.0.0 before 10.0.13, from 10.1.0 before 10.1.9, from 10.2.0 before 10.2.6, from 10.3.0 before 10.3.5.", }, ], impacts: [ { capecId: "CAPEC-137", descriptions: [ { lang: "en", value: "CAPEC-137 Parameter Injection", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-639", description: "CWE-639 Authorization Bypass Through User-Controlled Key", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-10T18:08:06.260Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2024-1313/", }, { url: "https://security.netapp.com/advisory/ntap-20240524-0008/", }, ], source: { discovery: "EXTERNAL", }, title: "Users outside an organization can delete a snapshot with its key", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2024-1313", datePublished: "2024-03-26T17:24:25.956Z", dateReserved: "2024-02-07T15:15:07.330Z", dateUpdated: "2025-02-13T17:27:36.664Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-0594
Vulnerability from cvelistv5
Published
2023-03-01 15:36
Modified
2025-03-07 19:34
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability.
Starting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization.
The stored XSS vulnerability was possible due the value of a span's attributes/resources were not properly sanitized and this will be rendered when the span's attributes/resources are expanded.
An attacker needs to have the Editor role in order to change the value of a trace view visualization to contain JavaScript.
This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard.
Users may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Grafana | Grafana |
Version: 7.0.0 ≤ Version: 9.0.0 ≤ Version: 9.3.0 ≤ |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T05:17:50.130Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://security.netapp.com/advisory/ntap-20230331-0007/", }, { tags: [ "x_transferred", ], url: "https://grafana.com/security/security-advisories/cve-2023-0594/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-0594", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-07T19:34:05.808035Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-07T19:34:28.387Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Grafana", vendor: "Grafana", versions: [ { lessThan: "8.5.21", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThan: "9.2.13", status: "affected", version: "9.0.0", versionType: "semver", }, { lessThan: "9.3.8", status: "affected", version: "9.3.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "Grafana Enterprise", vendor: "Grafana", versions: [ { lessThan: "8.5.21", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThan: "9.2.13", status: "affected", version: "9.0.0", versionType: "semver", }, { lessThan: "9.3.8", status: "affected", version: "9.3.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Grafana is an open-source platform for monitoring and observability. </p><p>Starting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. </p><p>The stored XSS vulnerability was possible due the value of a span's attributes/resources were not properly sanitized and this will be rendered when the span's attributes/resources are expanded.</p><p>An attacker needs to have the Editor role in order to change the value of a trace view visualization to contain JavaScript. </p><p>This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. </p><p>Users may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix. </p>", }, ], value: "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. \n\nThe stored XSS vulnerability was possible due the value of a span's attributes/resources were not properly sanitized and this will be rendered when the span's attributes/resources are expanded.\n\nAn attacker needs to have the Editor role in order to change the value of a trace view visualization to contain JavaScript. \n\nThis means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \n\nUsers may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix. \n\n", }, ], impacts: [ { capecId: "CAPEC-592", descriptions: [ { lang: "en", value: "CAPEC-592", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-04T10:15:49.096Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2023-0594/", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2023-0594", datePublished: "2023-03-01T15:36:43.881Z", dateReserved: "2023-01-31T10:37:31.334Z", dateUpdated: "2025-03-07T19:34:28.387Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32275
Vulnerability from cvelistv5
Published
2022-06-06 18:29
Modified
2024-08-03 07:39
Severity ?
EPSS score ?
Summary
Grafana 8.4.3 allows reading files via (for example) a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd content
References
| ▼ | URL | Tags |
|---|---|---|
| https://grafana.com | x_refsource_MISC | |
| https://github.com/BrotherOfJhonny/grafana/blob/main/README.md | x_refsource_MISC | |
| https://github.com/grafana/grafana/issues/50336 | x_refsource_MISC | |
| https://github.com/BrotherOfJhonny/grafana | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220715-0008/ | x_refsource_CONFIRM | |
| https://github.com/grafana/grafana/issues/50341#issuecomment-1155252393 | x_refsource_MISC |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:grafana:grafana:-:*:*:*:enterprise:*:*:*", ], defaultStatus: "unknown", product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: "8.4.3", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-32275", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-05-01T15:19:11.619001Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-04T17:16:24.215Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-03T07:39:50.900Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/BrotherOfJhonny/grafana/blob/main/README.md", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/issues/50336", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/BrotherOfJhonny/grafana", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220715-0008/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/issues/50341#issuecomment-1155252393", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana 8.4.3 allows reading files via (for example) a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd content", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-08T16:59:28", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://grafana.com", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/BrotherOfJhonny/grafana/blob/main/README.md", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/issues/50336", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/BrotherOfJhonny/grafana", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220715-0008/", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/issues/50341#issuecomment-1155252393", }, ], tags: [ "disputed", ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-32275", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "** DISPUTED ** Grafana 8.4.3 allows reading files via (for example) a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd content.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://grafana.com", refsource: "MISC", url: "https://grafana.com", }, { name: "https://github.com/BrotherOfJhonny/grafana/blob/main/README.md", refsource: "MISC", url: "https://github.com/BrotherOfJhonny/grafana/blob/main/README.md", }, { name: "https://github.com/grafana/grafana/issues/50336", refsource: "MISC", url: "https://github.com/grafana/grafana/issues/50336", }, { name: "https://github.com/BrotherOfJhonny/grafana", refsource: "MISC", url: "https://github.com/BrotherOfJhonny/grafana", }, { name: "https://security.netapp.com/advisory/ntap-20220715-0008/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220715-0008/", }, { name: "https://github.com/grafana/grafana/issues/50341#issuecomment-1155252393", refsource: "MISC", url: "https://github.com/grafana/grafana/issues/50341#issuecomment-1155252393", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-32275", datePublished: "2022-06-06T18:29:07", dateReserved: "2022-06-03T00:00:00", dateUpdated: "2024-08-03T07:39:50.900Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-31123
Vulnerability from cvelistv5
Published
2022-10-13 00:00
Modified
2024-08-03 07:11
Severity ?
EPSS score ?
Summary
Grafana is an open source observability and data visualization platform. Versions prior to 9.1.8 and 8.5.14 are vulnerable to a bypass in the plugin signature verification. An attacker can convince a server admin to download and successfully run a malicious plugin even though unsigned plugins are not allowed. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not install plugins downloaded from untrusted sources.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:11:39.205Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-rhxj-gh46-jvw8", }, { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20221124-0002/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: "< 8.5.14", }, { status: "affected", version: ">= 9.0.0, < 9.1.8", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open source observability and data visualization platform. Versions prior to 9.1.8 and 8.5.14 are vulnerable to a bypass in the plugin signature verification. An attacker can convince a server admin to download and successfully run a malicious plugin even though unsigned plugins are not allowed. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not install plugins downloaded from untrusted sources.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-347", description: "CWE-347: Improper Verification of Cryptographic Signature", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-11-24T00:00:00", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/grafana/grafana/security/advisories/GHSA-rhxj-gh46-jvw8", }, { url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { url: "https://security.netapp.com/advisory/ntap-20221124-0002/", }, ], source: { advisory: "GHSA-rhxj-gh46-jvw8", discovery: "UNKNOWN", }, title: "Grafana plugin signature bypass vulnerability", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-31123", datePublished: "2022-10-13T00:00:00", dateReserved: "2022-05-18T00:00:00", dateUpdated: "2024-08-03T07:11:39.205Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-27846
Vulnerability from cvelistv5
Published
2020-12-21 15:16
Modified
2024-08-04 16:25
Severity ?
EPSS score ?
Summary
A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1907670 | x_refsource_MISC | |
| https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/ | x_refsource_MISC | |
| https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9 | x_refsource_MISC | |
| https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/ | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YUTKIRWT6TWU7DS6GF3EOANVQBFQZYI/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICP3YRY2VUCNCF2VFUSK77ZMRIC77FEM/ | vendor-advisory, x_refsource_FEDORA | |
| https://security.netapp.com/advisory/ntap-20210205-0002/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | crewjam/saml |
Version: grafana-7.3.6, grafana-7.2.3, grafana-6.7.5, github.com/crewjam/saml-0.4.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:25:43.248Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1907670", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/", }, { name: "FEDORA-2020-968067abfa", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YUTKIRWT6TWU7DS6GF3EOANVQBFQZYI/", }, { name: "FEDORA-2020-64e54abd9f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICP3YRY2VUCNCF2VFUSK77ZMRIC77FEM/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210205-0002/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "crewjam/saml", vendor: "n/a", versions: [ { status: "affected", version: "grafana-7.3.6, grafana-7.2.3, grafana-6.7.5, github.com/crewjam/saml-0.4.3", }, ], }, ], descriptions: [ { lang: "en", value: "A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-115", description: "CWE-115", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-05T11:06:13", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1907670", }, { tags: [ "x_refsource_MISC", ], url: "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/", }, { name: "FEDORA-2020-968067abfa", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YUTKIRWT6TWU7DS6GF3EOANVQBFQZYI/", }, { name: "FEDORA-2020-64e54abd9f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICP3YRY2VUCNCF2VFUSK77ZMRIC77FEM/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20210205-0002/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-27846", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "crewjam/saml", version: { version_data: [ { version_value: "grafana-7.3.6, grafana-7.2.3, grafana-6.7.5, github.com/crewjam/saml-0.4.3", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-115", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1907670", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1907670", }, { name: "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/", refsource: "MISC", url: "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/", }, { name: "https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9", refsource: "MISC", url: "https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9", }, { name: "https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/", refsource: "MISC", url: "https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/", }, { name: "FEDORA-2020-968067abfa", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUTKIRWT6TWU7DS6GF3EOANVQBFQZYI/", }, { name: "FEDORA-2020-64e54abd9f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ICP3YRY2VUCNCF2VFUSK77ZMRIC77FEM/", }, { name: "https://security.netapp.com/advisory/ntap-20210205-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20210205-0002/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-27846", datePublished: "2020-12-21T15:16:14", dateReserved: "2020-10-27T00:00:00", dateUpdated: "2024-08-04T16:25:43.248Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-12099
Vulnerability from cvelistv5
Published
2018-06-11 11:00
Modified
2024-08-05 08:24
Severity ?
EPSS score ?
Summary
Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/pull/11813 | x_refsource_CONFIRM | |
| https://github.com/grafana/grafana/releases/tag/v5.2.0-beta1 | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190416-0004/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:24:03.598Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/pull/11813", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/releases/tag/v5.2.0-beta1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190416-0004/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-06-11T00:00:00", descriptions: [ { lang: "en", value: "Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-16T05:06:03", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/pull/11813", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/releases/tag/v5.2.0-beta1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190416-0004/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-12099", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/pull/11813", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/pull/11813", }, { name: "https://github.com/grafana/grafana/releases/tag/v5.2.0-beta1", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/releases/tag/v5.2.0-beta1", }, { name: "https://security.netapp.com/advisory/ntap-20190416-0004/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190416-0004/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-12099", datePublished: "2018-06-11T11:00:00", dateReserved: "2018-06-11T00:00:00", dateUpdated: "2024-08-05T08:24:03.598Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-29170
Vulnerability from cvelistv5
Published
2022-05-20 16:10
Modified
2024-08-03 06:17
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn’t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/security/advisories/GHSA-9rrr-6fq2-4f99 | x_refsource_CONFIRM | |
| https://github.com/grafana/grafana/pull/49240 | x_refsource_MISC | |
| https://github.com/grafana/grafana/releases/tag/v7.5.16 | x_refsource_MISC | |
| https://github.com/grafana/grafana/releases/tag/v8.5.3 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220707-0005/ | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:17:54.001Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-9rrr-6fq2-4f99", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/pull/49240", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/releases/tag/v7.5.16", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/releases/tag/v8.5.3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220707-0005/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 7.4.0-beta1, < 7.5.16", }, { status: "affected", version: ">= 8.0.0, < 8.5.3", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn’t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-601", description: "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-07T14:06:21", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-9rrr-6fq2-4f99", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/pull/49240", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/releases/tag/v7.5.16", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/releases/tag/v8.5.3", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220707-0005/", }, ], source: { advisory: "GHSA-9rrr-6fq2-4f99", discovery: "UNKNOWN", }, title: "Grafana Enterprise datasource network restrictions bypass via HTTP redirects", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-29170", STATE: "PUBLIC", TITLE: "Grafana Enterprise datasource network restrictions bypass via HTTP redirects", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "grafana", version: { version_data: [ { version_value: ">= 7.4.0-beta1, < 7.5.16", }, { version_value: ">= 8.0.0, < 8.5.3", }, ], }, }, ], }, vendor_name: "grafana", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn’t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/security/advisories/GHSA-9rrr-6fq2-4f99", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/security/advisories/GHSA-9rrr-6fq2-4f99", }, { name: "https://github.com/grafana/grafana/pull/49240", refsource: "MISC", url: "https://github.com/grafana/grafana/pull/49240", }, { name: "https://github.com/grafana/grafana/releases/tag/v7.5.16", refsource: "MISC", url: "https://github.com/grafana/grafana/releases/tag/v7.5.16", }, { name: "https://github.com/grafana/grafana/releases/tag/v8.5.3", refsource: "MISC", url: "https://github.com/grafana/grafana/releases/tag/v8.5.3", }, { name: "https://security.netapp.com/advisory/ntap-20220707-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220707-0005/", }, ], }, source: { advisory: "GHSA-9rrr-6fq2-4f99", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-29170", datePublished: "2022-05-20T16:10:12", dateReserved: "2022-04-13T00:00:00", dateUpdated: "2024-08-03T06:17:54.001Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-18624
Vulnerability from cvelistv5
Published
2020-06-02 16:40
Modified
2024-08-05 11:16
Severity ?
EPSS score ?
Summary
Grafana 5.3.1 has XSS via a column style on the "Dashboard > Table Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/pull/11813 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20200608-0008/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:16:00.341Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/pull/11813", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200608-0008/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana 5.3.1 has XSS via a column style on the \"Dashboard > Table Panel\" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-08T12:06:04", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/pull/11813", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200608-0008/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-18624", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana 5.3.1 has XSS via a column style on the \"Dashboard > Table Panel\" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/pull/11813", refsource: "MISC", url: "https://github.com/grafana/grafana/pull/11813", }, { name: "https://security.netapp.com/advisory/ntap-20200608-0008/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200608-0008/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-18624", datePublished: "2020-06-02T16:40:23", dateReserved: "2018-10-23T00:00:00", dateUpdated: "2024-08-05T11:16:00.341Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-35957
Vulnerability from cvelistv5
Published
2022-09-20 00:00
Modified
2024-08-03 09:51
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:51:59.288Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-ff5c-938w-8c9q", }, { name: "FEDORA-2022-2eb4418018", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYU5C2RITLHVZSTCWNGQWA6KSPYNXM2H/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20221215-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: "> 9.0.0, < 9.1.6", }, { status: "affected", version: "< 8.5.13", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-290", description: "CWE-290: Authentication Bypass by Spoofing", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-15T00:00:00", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/grafana/grafana/security/advisories/GHSA-ff5c-938w-8c9q", }, { name: "FEDORA-2022-2eb4418018", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYU5C2RITLHVZSTCWNGQWA6KSPYNXM2H/", }, { url: "https://security.netapp.com/advisory/ntap-20221215-0001/", }, ], source: { advisory: "GHSA-ff5c-938w-8c9q", discovery: "UNKNOWN", }, title: "Authentication Bypass in Grafana via auth proxy allowing escalation from admin to server admin", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-35957", datePublished: "2022-09-20T00:00:00", dateReserved: "2022-07-15T00:00:00", dateUpdated: "2024-08-03T09:51:59.288Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-13430
Vulnerability from cvelistv5
Published
2020-05-24 17:24
Modified
2024-08-04 12:18
Severity ?
EPSS score ?
Summary
Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/releases/tag/v7.0.0 | x_refsource_MISC | |
| https://github.com/grafana/grafana/pull/24539 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20200528-0003/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:18:18.364Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/releases/tag/v7.0.0", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/pull/24539", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200528-0003/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-28T12:06:14", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/releases/tag/v7.0.0", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/pull/24539", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200528-0003/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-13430", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/releases/tag/v7.0.0", refsource: "MISC", url: "https://github.com/grafana/grafana/releases/tag/v7.0.0", }, { name: "https://github.com/grafana/grafana/pull/24539", refsource: "MISC", url: "https://github.com/grafana/grafana/pull/24539", }, { name: "https://security.netapp.com/advisory/ntap-20200528-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200528-0003/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-13430", datePublished: "2020-05-24T17:24:18", dateReserved: "2020-05-24T00:00:00", dateUpdated: "2024-08-04T12:18:18.364Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-1442
Vulnerability from cvelistv5
Published
2024-03-07 17:45
Modified
2024-11-22 12:04
Severity ?
EPSS score ?
Summary
A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *.
Doing this will grant the user access to read, query, edit and delete all data sources within the organization.
References
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-1442", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-26T14:35:40.672183Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-26T14:35:58.049Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-11-22T12:04:45.739Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://grafana.com/security/security-advisories/cve-2024-1442/", }, { url: "https://security.netapp.com/advisory/ntap-20241122-0007/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Grafana", vendor: "Grafana", versions: [ { lessThan: "9.5.7", status: "affected", version: "8.5.0", versionType: "semver", }, { lessThan: "10.0.12", status: "affected", version: "10.0.0", versionType: "semver", }, { lessThan: "10.1.8", status: "affected", version: "10.1.0", versionType: "semver", }, { lessThan: "10.2.5", status: "affected", version: "10.2.0", versionType: "semver", }, { lessThan: "10.3.4", status: "affected", version: "10.3.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: " A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *.<br>Doing this will grant the user access to read, query, edit and delete all data sources within the organization.<br>", }, ], value: " A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *.\nDoing this will grant the user access to read, query, edit and delete all data sources within the organization.\n", }, ], impacts: [ { capecId: "CAPEC-233", descriptions: [ { lang: "en", value: "CAPEC-233 Privilege Escalation", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-03-07T17:45:43.993Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2024-1442/", }, ], source: { discovery: "INTERNAL", }, title: "User with permissions to create a data source can CRUD all data sources", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2024-1442", datePublished: "2024-03-07T17:45:43.993Z", dateReserved: "2024-02-12T12:21:26.806Z", dateUpdated: "2024-11-22T12:04:45.739Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-12458
Vulnerability from cvelistv5
Published
2020-04-29 15:57
Modified
2024-08-04 11:56
Severity ?
EPSS score ?
Summary
An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords).
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/issues/8283 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1827765 | x_refsource_MISC | |
| https://access.redhat.com/security/cve/CVE-2020-12458 | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/ | vendor-advisory, x_refsource_FEDORA | |
| https://security.netapp.com/advisory/ntap-20200518-0001/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:56:52.049Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/issues/8283", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1827765", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2020-12458", }, { name: "FEDORA-2020-d109a1d1d9", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/", }, { name: "FEDORA-2020-c6b0c7ebbb", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200518-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-18T04:06:09", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/issues/8283", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1827765", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/security/cve/CVE-2020-12458", }, { name: "FEDORA-2020-d109a1d1d9", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/", }, { name: "FEDORA-2020-c6b0c7ebbb", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200518-0001/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-12458", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/issues/8283", refsource: "MISC", url: "https://github.com/grafana/grafana/issues/8283", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1827765", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1827765", }, { name: "https://access.redhat.com/security/cve/CVE-2020-12458", refsource: "CONFIRM", url: "https://access.redhat.com/security/cve/CVE-2020-12458", }, { name: "FEDORA-2020-d109a1d1d9", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/", }, { name: "FEDORA-2020-c6b0c7ebbb", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/", }, { name: "https://security.netapp.com/advisory/ntap-20200518-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200518-0001/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-12458", datePublished: "2020-04-29T15:57:05", dateReserved: "2020-04-29T00:00:00", dateUpdated: "2024-08-04T11:56:52.049Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39328
Vulnerability from cvelistv5
Published
2022-11-08 00:00
Modified
2024-08-03 12:00
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. Versions starting with 9.2.0 and less than 9.2.4 contain a race condition in the authentication middlewares logic which may allow an unauthenticated user to query an administration endpoint under heavy load. This issue is patched in 9.2.4. There are no known workarounds.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:00:44.037Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-vqc4-mpj8-jxch", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20221215-0003/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 9.2.0, < 9.2.4", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Versions starting with 9.2.0 and less than 9.2.4 contain a race condition in the authentication middlewares logic which may allow an unauthenticated user to query an administration endpoint under heavy load. This issue is patched in 9.2.4. There are no known workarounds.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-362", description: "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-15T00:00:00", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/grafana/grafana/security/advisories/GHSA-vqc4-mpj8-jxch", }, { url: "https://security.netapp.com/advisory/ntap-20221215-0003/", }, ], source: { advisory: "GHSA-vqc4-mpj8-jxch", discovery: "UNKNOWN", }, title: "Grafana vulnerable to race condition allowing privilege escalation", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-39328", datePublished: "2022-11-08T00:00:00", dateReserved: "2022-09-02T00:00:00", dateUpdated: "2024-08-03T12:00:44.037Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27358
Vulnerability from cvelistv5
Published
2021-03-18 19:43
Modified
2024-08-03 20:48
Severity ?
EPSS score ?
Summary
The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/blob/master/CHANGELOG.md | x_refsource_CONFIRM | |
| https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-2/ | x_refsource_CONFIRM | |
| https://github.com/grafana/grafana/blob/master/CHANGELOG.md#742-2021-02-17 | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20210513-0007/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:48:16.124Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-2/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#742-2021-02-17", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210513-0007/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-13T20:06:12", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-2/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#742-2021-02-17", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20210513-0007/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-27358", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md", }, { name: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-2/", refsource: "CONFIRM", url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-2/", }, { name: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#742-2021-02-17", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#742-2021-02-17", }, { name: "https://security.netapp.com/advisory/ntap-20210513-0007/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20210513-0007/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-27358", datePublished: "2021-03-18T19:43:04", dateReserved: "2021-02-16T00:00:00", dateUpdated: "2024-08-03T20:48:16.124Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-21703
Vulnerability from cvelistv5
Published
2022-02-08 20:40
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows attackers to elevate their privileges by mounting cross-origin attacks against authenticated high-privilege Grafana users (for example, Editors or Admins). An attacker can exploit this vulnerability for privilege escalation by tricking an authenticated user into inviting the attacker as a new user with high privileges. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/ | x_refsource_MISC | |
| https://github.com/grafana/grafana/security/advisories/GHSA-cmf4-h3xc-jw8w | x_refsource_CONFIRM | |
| https://github.com/grafana/grafana/pull/45083 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220303-0005/ | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:53:35.380Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-cmf4-h3xc-jw8w", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/pull/45083", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220303-0005/", }, { name: "FEDORA-2022-83405f9d5b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { name: "FEDORA-2022-9dd03cab55", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { name: "FEDORA-2022-c5383675d9", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 3.0-beta1, < 7.5.15", }, { status: "affected", version: ">= 8.0.0, < 8.3.5", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows attackers to elevate their privileges by mounting cross-origin attacks against authenticated high-privilege Grafana users (for example, Editors or Admins). An attacker can exploit this vulnerability for privilege escalation by tricking an authenticated user into inviting the attacker as a new user with high privileges. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-352", description: "CWE-352: Cross-Site Request Forgery (CSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-07T07:06:31", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-cmf4-h3xc-jw8w", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/pull/45083", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220303-0005/", }, { name: "FEDORA-2022-83405f9d5b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { name: "FEDORA-2022-9dd03cab55", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { name: "FEDORA-2022-c5383675d9", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, ], source: { advisory: "GHSA-cmf4-h3xc-jw8w", discovery: "UNKNOWN", }, title: "Cross Site Request Forgery in Grafana", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-21703", STATE: "PUBLIC", TITLE: "Cross Site Request Forgery in Grafana", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "grafana", version: { version_data: [ { version_value: ">= 3.0-beta1, < 7.5.15", }, { version_value: ">= 8.0.0, < 8.3.5", }, ], }, }, ], }, vendor_name: "grafana", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows attackers to elevate their privileges by mounting cross-origin attacks against authenticated high-privilege Grafana users (for example, Editors or Admins). An attacker can exploit this vulnerability for privilege escalation by tricking an authenticated user into inviting the attacker as a new user with high privileges. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-352: Cross-Site Request Forgery (CSRF)", }, ], }, ], }, references: { reference_data: [ { name: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", refsource: "MISC", url: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", }, { name: "https://github.com/grafana/grafana/security/advisories/GHSA-cmf4-h3xc-jw8w", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/security/advisories/GHSA-cmf4-h3xc-jw8w", }, { name: "https://github.com/grafana/grafana/pull/45083", refsource: "MISC", url: "https://github.com/grafana/grafana/pull/45083", }, { name: "https://security.netapp.com/advisory/ntap-20220303-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220303-0005/", }, { name: "FEDORA-2022-83405f9d5b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { name: "FEDORA-2022-9dd03cab55", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { name: "FEDORA-2022-c5383675d9", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, ], }, source: { advisory: "GHSA-cmf4-h3xc-jw8w", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-21703", datePublished: "2022-02-08T20:40:10", dateReserved: "2021-11-16T00:00:00", dateUpdated: "2024-08-03T02:53:35.380Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-3128
Vulnerability from cvelistv5
Published
2023-06-22 20:14
Modified
2025-02-13 16:49
Severity ?
EPSS score ?
Summary
Grafana is validating Azure AD accounts based on the email claim.
On Azure AD, the profile email field is not unique and can be easily modified.
This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Grafana | Grafana |
Version: 9.5.0 ≤ Version: 9.4.0 ≤ Version: 9.3.0 ≤ Version: 9.2.0 ≤ Version: 6.7.0 ≤ |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T06:48:07.347Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://grafana.com/security/security-advisories/cve-2023-3128/", }, { tags: [ "x_transferred", ], url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230714-0004/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-3128", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-06T15:26:35.297129Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-06T15:26:43.437Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Grafana", vendor: "Grafana", versions: [ { lessThan: "9.5.4", status: "affected", version: "9.5.0", versionType: "semver", }, { lessThan: "9.4.13", status: "affected", version: "9.4.0", versionType: "semver", }, { lessThan: "9.3.16", status: "affected", version: "9.3.0", versionType: "semver", }, { lessThan: "9.2.20", status: "affected", version: "9.2.0", versionType: "semver", }, { lessThan: "8.5.27", status: "affected", version: "6.7.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "Grafana Enterprise", vendor: "Grafana", versions: [ { lessThan: "9.5.4", status: "affected", version: "9.5.0", versionType: "semver", }, { lessThan: "9.4.13", status: "affected", version: "9.4.0", versionType: "semver", }, { lessThan: "9.3.16", status: "affected", version: "9.3.0", versionType: "semver", }, { lessThan: "9.2.20", status: "affected", version: "9.2.0", versionType: "semver", }, { lessThan: "8.5.27", status: "affected", version: "6.7.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Grafana is validating Azure AD accounts based on the email claim. </p><p>On Azure AD, the profile email field is not unique and can be easily modified. </p><p>This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app. </p>", }, ], value: "Grafana is validating Azure AD accounts based on the email claim. \n\nOn Azure AD, the profile email field is not unique and can be easily modified. \n\nThis leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.", }, ], impacts: [ { capecId: "CAPEC-115", descriptions: [ { lang: "en", value: "CAPEC-115", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 9.4, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-290", description: "CWE-290", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-18T07:06:14.710Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2023-3128/", }, { url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp", }, { url: "https://security.netapp.com/advisory/ntap-20230714-0004/", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2023-3128", datePublished: "2023-06-22T20:14:00.805Z", dateReserved: "2023-06-06T15:02:55.259Z", dateUpdated: "2025-02-13T16:49:48.654Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-41174
Vulnerability from cvelistv5
Published
2021-11-03 18:00
Modified
2024-08-04 02:59
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions. AngularJS uses double curly braces for interpolation binding: {{ }} ex: {{constructor.constructor(‘alert(1)’)()}}. When the user follows the link and the page renders, the login button will contain the original link with a query parameter to force a redirect to the login page. The URL is not validated and the AngularJS rendering engine will execute the JavaScript expression contained in the URL. Users are advised to upgrade as soon as possible. If for some reason you cannot upgrade, you can use a reverse proxy or similar to block access to block the literal string {{ in the path.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/security/advisories/GHSA-3j9m-hcv9-rpj8 | x_refsource_CONFIRM | |
| https://github.com/grafana/grafana/commit/31b78d51c693d828720a5b285107a50e6024c912 | x_refsource_MISC | |
| https://github.com/grafana/grafana/commit/3cb5214fa45eb5a571fd70d6c6edf0d729983f82 | x_refsource_MISC | |
| https://github.com/grafana/grafana/commit/fb85ed691290d211a5baa44d9a641ab137f0de88 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20211125-0003/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T02:59:31.645Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-3j9m-hcv9-rpj8", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/commit/31b78d51c693d828720a5b285107a50e6024c912", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/commit/3cb5214fa45eb5a571fd70d6c6edf0d729983f82", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/commit/fb85ed691290d211a5baa44d9a641ab137f0de88", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211125-0003/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 8.0.0, < 8.2.3", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions. AngularJS uses double curly braces for interpolation binding: {{ }} ex: {{constructor.constructor(‘alert(1)’)()}}. When the user follows the link and the page renders, the login button will contain the original link with a query parameter to force a redirect to the login page. The URL is not validated and the AngularJS rendering engine will execute the JavaScript expression contained in the URL. Users are advised to upgrade as soon as possible. If for some reason you cannot upgrade, you can use a reverse proxy or similar to block access to block the literal string {{ in the path.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-25T06:06:11", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-3j9m-hcv9-rpj8", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/commit/31b78d51c693d828720a5b285107a50e6024c912", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/commit/3cb5214fa45eb5a571fd70d6c6edf0d729983f82", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/commit/fb85ed691290d211a5baa44d9a641ab137f0de88", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20211125-0003/", }, ], source: { advisory: "GHSA-3j9m-hcv9-rpj8", discovery: "UNKNOWN", }, title: "XSS vulnerability allowing arbitrary JavaScript execution", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2021-41174", STATE: "PUBLIC", TITLE: "XSS vulnerability allowing arbitrary JavaScript execution", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "grafana", version: { version_data: [ { version_value: ">= 8.0.0, < 8.2.3", }, ], }, }, ], }, vendor_name: "grafana", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions. AngularJS uses double curly braces for interpolation binding: {{ }} ex: {{constructor.constructor(‘alert(1)’)()}}. When the user follows the link and the page renders, the login button will contain the original link with a query parameter to force a redirect to the login page. The URL is not validated and the AngularJS rendering engine will execute the JavaScript expression contained in the URL. Users are advised to upgrade as soon as possible. If for some reason you cannot upgrade, you can use a reverse proxy or similar to block access to block the literal string {{ in the path.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/security/advisories/GHSA-3j9m-hcv9-rpj8", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/security/advisories/GHSA-3j9m-hcv9-rpj8", }, { name: "https://github.com/grafana/grafana/commit/31b78d51c693d828720a5b285107a50e6024c912", refsource: "MISC", url: "https://github.com/grafana/grafana/commit/31b78d51c693d828720a5b285107a50e6024c912", }, { name: "https://github.com/grafana/grafana/commit/3cb5214fa45eb5a571fd70d6c6edf0d729983f82", refsource: "MISC", url: "https://github.com/grafana/grafana/commit/3cb5214fa45eb5a571fd70d6c6edf0d729983f82", }, { name: "https://github.com/grafana/grafana/commit/fb85ed691290d211a5baa44d9a641ab137f0de88", refsource: "MISC", url: "https://github.com/grafana/grafana/commit/fb85ed691290d211a5baa44d9a641ab137f0de88", }, { name: "https://security.netapp.com/advisory/ntap-20211125-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20211125-0003/", }, ], }, source: { advisory: "GHSA-3j9m-hcv9-rpj8", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-41174", datePublished: "2021-11-03T18:00:12", dateReserved: "2021-09-15T00:00:00", dateUpdated: "2024-08-04T02:59:31.645Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39306
Vulnerability from cvelistv5
Published
2022-11-09 00:00
Modified
2024-08-03 12:00
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. Versions prior to 9.2.4, or 8.5.15 on the 8.X branch, are subject to Improper Input Validation. Grafana admins can invite other members to the organization they are an admin for. When admins add members to the organization, non existing users get an email invite, existing members are added directly to the organization. When an invite link is sent, it allows users to sign up with whatever username/email address the user chooses and become a member of the organization. This introduces a vulnerability which can be used with malicious intent. This issue is patched in version 9.2.4, and has been backported to 8.5.15. There are no known workarounds.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:00:44.049Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-2x6g-h2hg-rq84", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20221215-0004/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: "< 8.5.15", }, { status: "affected", version: ">= 9.v9.0.0-beta1, < 9.2.4", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Versions prior to 9.2.4, or 8.5.15 on the 8.X branch, are subject to Improper Input Validation. Grafana admins can invite other members to the organization they are an admin for. When admins add members to the organization, non existing users get an email invite, existing members are added directly to the organization. When an invite link is sent, it allows users to sign up with whatever username/email address the user chooses and become a member of the organization. This introduces a vulnerability which can be used with malicious intent. This issue is patched in version 9.2.4, and has been backported to 8.5.15. There are no known workarounds.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20: Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-15T00:00:00", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/grafana/grafana/security/advisories/GHSA-2x6g-h2hg-rq84", }, { url: "https://security.netapp.com/advisory/ntap-20221215-0004/", }, ], source: { advisory: "GHSA-2x6g-h2hg-rq84", discovery: "UNKNOWN", }, title: "Grafana contains Improper Input Validation", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-39306", datePublished: "2022-11-09T00:00:00", dateReserved: "2022-09-02T00:00:00", dateUpdated: "2024-08-03T12:00:44.049Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-11110
Vulnerability from cvelistv5
Published
2020-07-27 12:48
Modified
2024-08-04 11:21
Severity ?
EPSS score ?
Summary
Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/blob/master/CHANGELOG.md | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20200810-0002/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:21:14.729Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200810-0002/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-10T11:06:08", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200810-0002/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-11110", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md", refsource: "MISC", url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md", }, { name: "https://security.netapp.com/advisory/ntap-20200810-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200810-0002/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-11110", datePublished: "2020-07-27T12:48:30", dateReserved: "2020-03-30T00:00:00", dateUpdated: "2024-08-04T11:21:14.729Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-24303
Vulnerability from cvelistv5
Published
2020-10-28 13:25
Modified
2024-08-04 15:12
Severity ?
EPSS score ?
Summary
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01 | x_refsource_MISC | |
| https://github.com/grafana/grafana/pull/25401 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20201123-0002/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T15:12:08.961Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/pull/25401", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20201123-0002/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-11-23T11:06:15", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/pull/25401", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20201123-0002/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-24303", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", refsource: "MISC", url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", }, { name: "https://github.com/grafana/grafana/pull/25401", refsource: "MISC", url: "https://github.com/grafana/grafana/pull/25401", }, { name: "https://security.netapp.com/advisory/ntap-20201123-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20201123-0002/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-24303", datePublished: "2020-10-28T13:25:22", dateReserved: "2020-08-13T00:00:00", dateUpdated: "2024-08-04T15:12:08.961Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-28148
Vulnerability from cvelistv5
Published
2021-03-22 14:06
Modified
2024-08-03 21:40
Severity ?
EPSS score ?
Summary
One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. This allows any unauthenticated user to send an unlimited number of requests to the endpoint, leading to a denial of service (DoS) attack against a Grafana Enterprise instance.
References
| ▼ | URL | Tags |
|---|---|---|
| https://community.grafana.com/t/release-notes-v6-7-x/27119 | x_refsource_MISC | |
| https://grafana.com/products/enterprise/ | x_refsource_MISC | |
| https://www.openwall.com/lists/oss-security/2021/03/19/5 | x_refsource_CONFIRM | |
| https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ | x_refsource_CONFIRM | |
| https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 | x_refsource_MISC | |
| https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ | x_refsource_MISC | |
| https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20210430-0005/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:40:12.000Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/products/enterprise/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2021/03/19/5", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210430-0005/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. This allows any unauthenticated user to send an unlimited number of requests to the endpoint, leading to a denial of service (DoS) attack against a Grafana Enterprise instance.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-30T07:06:32", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/products/enterprise/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.openwall.com/lists/oss-security/2021/03/19/5", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { tags: [ "x_refsource_MISC", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20210430-0005/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-28148", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. This allows any unauthenticated user to send an unlimited number of requests to the endpoint, leading to a denial of service (DoS) attack against a Grafana Enterprise instance.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://community.grafana.com/t/release-notes-v6-7-x/27119", refsource: "MISC", url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { name: "https://grafana.com/products/enterprise/", refsource: "MISC", url: "https://grafana.com/products/enterprise/", }, { name: "https://www.openwall.com/lists/oss-security/2021/03/19/5", refsource: "CONFIRM", url: "https://www.openwall.com/lists/oss-security/2021/03/19/5", }, { name: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", refsource: "CONFIRM", url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { name: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", refsource: "MISC", url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { name: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", refsource: "MISC", url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", }, { name: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", refsource: "MISC", url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, { name: "https://security.netapp.com/advisory/ntap-20210430-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20210430-0005/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-28148", datePublished: "2021-03-22T14:06:40", dateReserved: "2021-03-11T00:00:00", dateUpdated: "2024-08-03T21:40:12.000Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-39226
Vulnerability from cvelistv5
Published
2021-10-05 17:30
Modified
2025-02-06 19:44
Severity ?
EPSS score ?
Summary
Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "public_mode" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path: /api/snapshots-delete/:deleteKey. Regardless of the snapshot "public_mode" setting, authenticated users are able to delete the snapshot with the lowest database key by accessing the literal paths: /api/snapshots/:key, or /api/snapshots-delete/:deleteKey. The combination of deletion and viewing enables a complete walk through all snapshot data while resulting in complete snapshot data loss. This issue has been resolved in versions 8.1.6 and 7.5.11. If for some reason you cannot upgrade you can use a reverse proxy or similar to block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/security/advisories/GHSA-69j6-29vr-p3j9 | x_refsource_CONFIRM | |
| https://github.com/grafana/grafana/commit/2d456a6375855364d098ede379438bf7f0667269 | x_refsource_MISC | |
| https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-11/ | x_refsource_MISC | |
| https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-1-6/ | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2021/10/05/4 | mailing-list, x_refsource_MLIST | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6ANHRDBXQT6TURLP2THM26ZPDINFBEG/ | vendor-advisory, x_refsource_FEDORA | |
| https://security.netapp.com/advisory/ntap-20211029-0008/ | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCKBFUSY6V4VU5AQUYWKISREZX5NLQJT/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:58:18.334Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-69j6-29vr-p3j9", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/commit/2d456a6375855364d098ede379438bf7f0667269", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-11/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-1-6/", }, { name: "[oss-security] 20211005 CVE-2021-39226 Grafana snapshot authentication bypass", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/10/05/4", }, { name: "FEDORA-2021-dd83dc8b0b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6ANHRDBXQT6TURLP2THM26ZPDINFBEG/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211029-0008/", }, { name: "FEDORA-2021-01588ab0bf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCKBFUSY6V4VU5AQUYWKISREZX5NLQJT/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-39226", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-06T19:36:13.338394Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-08-25", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-39226", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-02-06T19:44:09.565Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: ">= 8.0.0, < 8.1.6", }, { status: "affected", version: "< 7.5.11", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot \"public_mode\" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path: /api/snapshots-delete/:deleteKey. Regardless of the snapshot \"public_mode\" setting, authenticated users are able to delete the snapshot with the lowest database key by accessing the literal paths: /api/snapshots/:key, or /api/snapshots-delete/:deleteKey. The combination of deletion and viewing enables a complete walk through all snapshot data while resulting in complete snapshot data loss. This issue has been resolved in versions 8.1.6 and 7.5.11. If for some reason you cannot upgrade you can use a reverse proxy or similar to block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-287", description: "CWE-287: Improper Authentication", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-10-30T01:08:52.000Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-69j6-29vr-p3j9", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/commit/2d456a6375855364d098ede379438bf7f0667269", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-11/", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-1-6/", }, { name: "[oss-security] 20211005 CVE-2021-39226 Grafana snapshot authentication bypass", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2021/10/05/4", }, { name: "FEDORA-2021-dd83dc8b0b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6ANHRDBXQT6TURLP2THM26ZPDINFBEG/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20211029-0008/", }, { name: "FEDORA-2021-01588ab0bf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCKBFUSY6V4VU5AQUYWKISREZX5NLQJT/", }, ], source: { advisory: "GHSA-69j6-29vr-p3j9", discovery: "UNKNOWN", }, title: " Snapshot authentication bypass in grafana", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2021-39226", STATE: "PUBLIC", TITLE: " Snapshot authentication bypass in grafana", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "grafana", version: { version_data: [ { version_value: ">= 8.0.0, < 8.1.6", }, { version_value: "< 7.5.11", }, ], }, }, ], }, vendor_name: "grafana", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot \"public_mode\" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path: /api/snapshots-delete/:deleteKey. Regardless of the snapshot \"public_mode\" setting, authenticated users are able to delete the snapshot with the lowest database key by accessing the literal paths: /api/snapshots/:key, or /api/snapshots-delete/:deleteKey. The combination of deletion and viewing enables a complete walk through all snapshot data while resulting in complete snapshot data loss. This issue has been resolved in versions 8.1.6 and 7.5.11. If for some reason you cannot upgrade you can use a reverse proxy or similar to block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-287: Improper Authentication", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/security/advisories/GHSA-69j6-29vr-p3j9", refsource: "CONFIRM", url: "https://github.com/grafana/grafana/security/advisories/GHSA-69j6-29vr-p3j9", }, { name: "https://github.com/grafana/grafana/commit/2d456a6375855364d098ede379438bf7f0667269", refsource: "MISC", url: "https://github.com/grafana/grafana/commit/2d456a6375855364d098ede379438bf7f0667269", }, { name: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-11/", refsource: "MISC", url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-11/", }, { name: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-1-6/", refsource: "MISC", url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-1-6/", }, { name: "[oss-security] 20211005 CVE-2021-39226 Grafana snapshot authentication bypass", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2021/10/05/4", }, { name: "FEDORA-2021-dd83dc8b0b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E6ANHRDBXQT6TURLP2THM26ZPDINFBEG/", }, { name: "https://security.netapp.com/advisory/ntap-20211029-0008/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20211029-0008/", }, { name: "FEDORA-2021-01588ab0bf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCKBFUSY6V4VU5AQUYWKISREZX5NLQJT/", }, ], }, source: { advisory: "GHSA-69j6-29vr-p3j9", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-39226", datePublished: "2021-10-05T17:30:11.000Z", dateReserved: "2021-08-16T00:00:00.000Z", dateUpdated: "2025-02-06T19:44:09.565Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-1410
Vulnerability from cvelistv5
Published
2023-03-23 07:48
Modified
2025-03-04 21:22
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability.
Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip.
The stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.
An attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description.
Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Grafana | Grafana |
Version: 8.0.0 ≤ Version: 9.0.0 ≤ Version: 9.3.0 ≤ |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T05:49:11.621Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://grafana.com/security/security-advisories/cve-2023-1410/", }, { tags: [ "x_transferred", ], url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-qrrg-gw7w-vp76", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230420-0003/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-1410", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-04T21:21:42.873495Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-04T21:22:03.229Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Grafana", vendor: "Grafana", versions: [ { lessThan: "8.5.22", status: "affected", version: "8.0.0", versionType: "semver", }, { lessThan: "9.2.15", status: "affected", version: "9.0.0", versionType: "semver", }, { lessThan: "9.3.11", status: "affected", version: "9.3.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "Grafana Enterprise", vendor: "Grafana", versions: [ { lessThan: "8.5.22", status: "affected", version: "8.0.0", versionType: "semver", }, { lessThan: "9.2.15", status: "affected", version: "9.0.0", versionType: "semver", }, { lessThan: "9.3.11", status: "affected", version: "9.3.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Grafana is an open-source platform for monitoring and observability. </p><p>Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. </p><p>The stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.</p><p>An attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description. </p><p> Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix. </p><p></p><div></div><div><br></div><p></p>", }, ], value: "Grafana is an open-source platform for monitoring and observability. \n\nGrafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. \n\nThe stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.\n\nAn attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description. \n\n Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix.", }, ], impacts: [ { capecId: "CAPEC-592", descriptions: [ { lang: "en", value: "CAPEC-592", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-20T08:06:33.364Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2023-1410/", }, { url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-qrrg-gw7w-vp76", }, { url: "https://security.netapp.com/advisory/ntap-20230420-0003/", }, ], source: { discovery: "UNKNOWN", }, title: "Stored XSS in Graphite FunctionDescription tooltip", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2023-1410", datePublished: "2023-03-23T07:48:56.246Z", dateReserved: "2023-03-15T11:11:52.860Z", dateUpdated: "2025-03-04T21:22:03.229Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-15727
Vulnerability from cvelistv5
Published
2018-08-29 15:00
Modified
2024-08-05 10:01
Severity ?
EPSS score ?
Summary
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/105184 | vdb-entry, x_refsource_BID | |
| https://access.redhat.com/errata/RHSA-2019:0019 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:3829 | vendor-advisory, x_refsource_REDHAT | |
| https://grafana.com/blog/2018/08/29/grafana-5.2.3-and-4.6.4-released-with-important-security-fix/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:01:54.541Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "105184", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/105184", }, { name: "RHSA-2019:0019", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0019", }, { name: "RHSA-2018:3829", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3829", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://grafana.com/blog/2018/08/29/grafana-5.2.3-and-4.6.4-released-with-important-security-fix/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-08-29T00:00:00", descriptions: [ { lang: "en", value: "Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid \"remember me\" cookie knowing only a username of an LDAP or OAuth user.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-01-04T10:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "105184", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/105184", }, { name: "RHSA-2019:0019", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0019", }, { name: "RHSA-2018:3829", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3829", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://grafana.com/blog/2018/08/29/grafana-5.2.3-and-4.6.4-released-with-important-security-fix/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-15727", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid \"remember me\" cookie knowing only a username of an LDAP or OAuth user.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "105184", refsource: "BID", url: "http://www.securityfocus.com/bid/105184", }, { name: "RHSA-2019:0019", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0019", }, { name: "RHSA-2018:3829", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3829", }, { name: "https://grafana.com/blog/2018/08/29/grafana-5.2.3-and-4.6.4-released-with-important-security-fix/", refsource: "CONFIRM", url: "https://grafana.com/blog/2018/08/29/grafana-5.2.3-and-4.6.4-released-with-important-security-fix/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-15727", datePublished: "2018-08-29T15:00:00", dateReserved: "2018-08-22T00:00:00", dateUpdated: "2024-08-05T10:01:54.541Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-28147
Vulnerability from cvelistv5
Published
2021-03-22 14:03
Modified
2024-08-03 21:40
Severity ?
EPSS score ?
Summary
The team sync HTTP API in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service and having the EditorsCanAdmin feature enabled, this vulnerability allows any authenticated user to add external groups to any existing team. This can be used to grant a user team permissions that the user isn't supposed to have.
References
| ▼ | URL | Tags |
|---|---|---|
| https://community.grafana.com/t/release-notes-v6-7-x/27119 | x_refsource_MISC | |
| https://grafana.com/products/enterprise/ | x_refsource_MISC | |
| https://www.openwall.com/lists/oss-security/2021/03/19/5 | x_refsource_MISC | |
| https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ | x_refsource_CONFIRM | |
| https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 | x_refsource_MISC | |
| https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ | x_refsource_MISC | |
| https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20210430-0005/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:40:12.004Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/products/enterprise/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2021/03/19/5", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210430-0005/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The team sync HTTP API in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service and having the EditorsCanAdmin feature enabled, this vulnerability allows any authenticated user to add external groups to any existing team. This can be used to grant a user team permissions that the user isn't supposed to have.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-30T07:06:31", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/products/enterprise/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.openwall.com/lists/oss-security/2021/03/19/5", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { tags: [ "x_refsource_MISC", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20210430-0005/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-28147", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The team sync HTTP API in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service and having the EditorsCanAdmin feature enabled, this vulnerability allows any authenticated user to add external groups to any existing team. This can be used to grant a user team permissions that the user isn't supposed to have.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://community.grafana.com/t/release-notes-v6-7-x/27119", refsource: "MISC", url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { name: "https://grafana.com/products/enterprise/", refsource: "MISC", url: "https://grafana.com/products/enterprise/", }, { name: "https://www.openwall.com/lists/oss-security/2021/03/19/5", refsource: "MISC", url: "https://www.openwall.com/lists/oss-security/2021/03/19/5", }, { name: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", refsource: "CONFIRM", url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { name: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", refsource: "MISC", url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { name: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", refsource: "MISC", url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", }, { name: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", refsource: "MISC", url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, { name: "https://security.netapp.com/advisory/ntap-20210430-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20210430-0005/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-28147", datePublished: "2021-03-22T14:03:53", dateReserved: "2021-03-11T00:00:00", dateUpdated: "2024-08-03T21:40:12.004Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-6322
Vulnerability from cvelistv5
Published
2024-08-20 17:52
Modified
2024-09-03 17:04
Severity ?
EPSS score ?
Summary
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query access to the impacted datasource.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Grafana | Grafana |
Version: 11.1.0 ≤ Version: 11.1.2 ≤ |
||||||
|
|||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-6322", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-21T13:25:17.993382Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-03T17:04:40.540Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Grafana", vendor: "Grafana", versions: [ { lessThan: "11.1.1", status: "affected", version: "11.1.0", versionType: "semver", }, { lessThan: "11.1.3", status: "affected", version: "11.1.2", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "Grafana Enterprise", vendor: "Grafana", versions: [ { lessThan: "11.1.1", status: "affected", version: "11.1.0", versionType: "semver", }, { lessThan: "11.1.3", status: "affected", version: "11.1.2", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query access to the impacted datasource.</p>", }, ], value: "Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query access to the impacted datasource.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-266", description: "CWE-266", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-20T17:52:06.232Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2024-6322/", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2024-6322", datePublished: "2024-08-20T17:52:06.232Z", dateReserved: "2024-06-25T13:25:06.436Z", dateUpdated: "2024-09-03T17:04:40.540Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-15635
Vulnerability from cvelistv5
Published
2019-09-23 16:37
Modified
2024-08-05 00:56
Severity ?
EPSS score ?
Summary
An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL) are not encrypted. An admin user can reveal passwords for any data source by pressing the "Save and test" button within a data source's settings menu. When watching the transaction with Burp Proxy, the password for the data source is revealed and sent to the server. From a browser, a prompt to save the credentials is generated, and the password can be revealed by simply checking the "Show password" box.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/167244 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20191009-0002/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:56:22.105Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/167244", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20191009-0002/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL) are not encrypted. An admin user can reveal passwords for any data source by pressing the \"Save and test\" button within a data source's settings menu. When watching the transaction with Burp Proxy, the password for the data source is revealed and sent to the server. From a browser, a prompt to save the credentials is generated, and the password can be revealed by simply checking the \"Show password\" box.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-08T22:03:13", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/167244", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20191009-0002/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-15635", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL) are not encrypted. An admin user can reveal passwords for any data source by pressing the \"Save and test\" button within a data source's settings menu. When watching the transaction with Burp Proxy, the password for the data source is revealed and sent to the server. From a browser, a prompt to save the credentials is generated, and the password can be revealed by simply checking the \"Show password\" box.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://exchange.xforce.ibmcloud.com/vulnerabilities/167244", refsource: "MISC", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/167244", }, { name: "https://security.netapp.com/advisory/ntap-20191009-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20191009-0002/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-15635", datePublished: "2019-09-23T16:37:08", dateReserved: "2019-08-26T00:00:00", dateUpdated: "2024-08-05T00:56:22.105Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-18625
Vulnerability from cvelistv5
Published
2020-06-02 16:41
Modified
2024-08-05 11:16
Severity ?
EPSS score ?
Summary
Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/pull/11813 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20200608-0008/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:16:00.190Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/pull/11813", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200608-0008/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana 5.3.1 has XSS via a link on the \"Dashboard > All Panels > General\" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-08T12:06:03", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/pull/11813", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200608-0008/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-18625", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana 5.3.1 has XSS via a link on the \"Dashboard > All Panels > General\" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/pull/11813", refsource: "MISC", url: "https://github.com/grafana/grafana/pull/11813", }, { name: "https://security.netapp.com/advisory/ntap-20200608-0008/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200608-0008/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-18625", datePublished: "2020-06-02T16:41:00", dateReserved: "2018-10-23T00:00:00", dateUpdated: "2024-08-05T11:16:00.190Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-1387
Vulnerability from cvelistv5
Published
2023-04-26 13:47
Modified
2025-02-13 16:39
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability.
Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token.
By enabling the "url_login" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Grafana | Grafana |
Version: 9.1.0 ≤ Version: 9.3.0 ≤ Version: 9.4.0 ≤ |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T05:49:11.313Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://grafana.com/security/security-advisories/cve-2023-1387/", }, { tags: [ "x_transferred", ], url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-5585-m9r5-p86j", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230609-0003/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-1387", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-31T16:11:53.656123Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-31T16:12:05.145Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Grafana", vendor: "Grafana", versions: [ { lessThan: "9.2.17", status: "affected", version: "9.1.0", versionType: "semver", }, { lessThan: "9.3.13", status: "affected", version: "9.3.0", versionType: "semver", }, { lessThan: "9.5.0", status: "affected", version: "9.4.0", versionType: "semver", }, ], }, { product: "Grafana Enterprise", vendor: "Grafana", versions: [ { lessThan: "9.2.17", status: "affected", version: "9.1.0", versionType: "semver", }, { lessThan: "9.3.13", status: "affected", version: "9.3.0", versionType: "semver", }, { lessThan: "9.5.0", status: "affected", version: "9.4.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Grafana is an open-source platform for monitoring and observability. </p><p>Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. </p><p>By enabling the \"url_login\" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.</p>", }, ], value: "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. \n\nBy enabling the \"url_login\" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.", }, ], impacts: [ { capecId: "CAPEC-116", descriptions: [ { lang: "en", value: "CAPEC-116", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-09T07:06:35.623Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2023-1387/", }, { url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-5585-m9r5-p86j", }, { url: "https://security.netapp.com/advisory/ntap-20230609-0003/", }, ], }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2023-1387", datePublished: "2023-04-26T13:47:16.914Z", dateReserved: "2023-03-14T11:11:01.304Z", dateUpdated: "2025-02-13T16:39:22.007Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-2801
Vulnerability from cvelistv5
Published
2023-06-06 18:03
Modified
2025-02-13 16:45
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability.
Using public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance.
The only feature that uses mixed queries at the moment is public dashboards, but it's also possible to cause this by calling the query API directly.
This might enable malicious users to crash Grafana instances through that endpoint.
Users may upgrade to version 9.4.12 and 9.5.3 to receive a fix.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Grafana | Grafana |
Version: 9.4.0 ≤ Version: 9.5.0 ≤ |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T06:33:05.564Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://grafana.com/security/security-advisories/cve-2023-2801/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230706-0002/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-2801", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-07T18:27:46.406382Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-07T18:27:59.835Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Grafana", vendor: "Grafana", versions: [ { lessThan: "9.4.12", status: "affected", version: "9.4.0", versionType: "semver", }, { lessThan: "9.5.3", status: "affected", version: "9.5.0", versionType: "semver", }, ], }, { product: "Grafana Enterprise", vendor: "Grafana", versions: [ { lessThan: "9.4.12", status: "affected", version: "9.4.0", versionType: "semver", }, { lessThan: "9.5.3", status: "affected", version: "9.5.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Grafana is an open-source platform for monitoring and observability. </p><p>Using public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance.</p><p>The only feature that uses mixed queries at the moment is public dashboards, but it's also possible to cause this by calling the query API directly.</p><p>This might enable malicious users to crash Grafana instances through that endpoint.</p><p>Users may upgrade to version 9.4.12 and 9.5.3 to receive a fix.</p>", }, ], value: "Grafana is an open-source platform for monitoring and observability. \n\nUsing public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance.\n\nThe only feature that uses mixed queries at the moment is public dashboards, but it's also possible to cause this by calling the query API directly.\n\nThis might enable malicious users to crash Grafana instances through that endpoint.\n\nUsers may upgrade to version 9.4.12 and 9.5.3 to receive a fix.", }, ], impacts: [ { capecId: "CAPEC-26", descriptions: [ { lang: "en", value: "CAPEC-26", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-820", description: "CWE-820", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-06T18:06:29.011Z", orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", shortName: "GRAFANA", }, references: [ { url: "https://grafana.com/security/security-advisories/cve-2023-2801/", }, { url: "https://security.netapp.com/advisory/ntap-20230706-0002/", }, ], }, }, cveMetadata: { assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", assignerShortName: "GRAFANA", cveId: "CVE-2023-2801", datePublished: "2023-06-06T18:03:32.459Z", dateReserved: "2023-05-18T16:22:13.573Z", dateUpdated: "2025-02-13T16:45:38.503Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32276
Vulnerability from cvelistv5
Published
2022-06-17 11:38
Modified
2024-08-03 07:39
Severity ?
EPSS score ?
Summary
Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/BrotherOfJhonny/grafana/blob/main/README.md | x_refsource_MISC | |
| https://github.com/grafana/grafana/issues/50336 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:39:50.606Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/BrotherOfJhonny/grafana/blob/main/README.md", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/issues/50336", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-17T11:38:27", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/BrotherOfJhonny/grafana/blob/main/README.md", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/issues/50336", }, ], tags: [ "disputed", ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-32276", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "** DISPUTED ** Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/BrotherOfJhonny/grafana/blob/main/README.md", refsource: "MISC", url: "https://github.com/BrotherOfJhonny/grafana/blob/main/README.md", }, { name: "https://github.com/grafana/grafana/issues/50336", refsource: "MISC", url: "https://github.com/grafana/grafana/issues/50336", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-32276", datePublished: "2022-06-17T11:38:27", dateReserved: "2022-06-03T00:00:00", dateUpdated: "2024-08-03T07:39:50.606Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39324
Vulnerability from cvelistv5
Published
2023-01-27 22:42
Modified
2024-08-03 12:00
Severity ?
EPSS score ?
Summary
Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker’s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw | x_refsource_CONFIRM | |
| https://github.com/grafana/grafana/pull/60232 | x_refsource_MISC | |
| https://github.com/grafana/grafana/pull/60256 | x_refsource_MISC | |
| https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a | x_refsource_MISC | |
| https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:00:44.040Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://security.netapp.com/advisory/ntap-20230309-0010/", }, { name: "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw", }, { name: "https://github.com/grafana/grafana/pull/60232", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/pull/60232", }, { name: "https://github.com/grafana/grafana/pull/60256", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/pull/60256", }, { name: "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a", }, { name: "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-39324", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-01T15:45:24.258579Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-01T15:45:36.804Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "grafana", vendor: "grafana", versions: [ { status: "affected", version: "< 8.5.16", }, { status: "affected", version: ">= 9.0.0, < 9.2.8", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker’s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-27T22:42:01.550Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw", }, { name: "https://github.com/grafana/grafana/pull/60232", tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/pull/60232", }, { name: "https://github.com/grafana/grafana/pull/60256", tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/pull/60256", }, { name: "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a", tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a", }, { name: "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c", tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c", }, ], source: { advisory: "GHSA-4724-7jwc-3fpw", discovery: "UNKNOWN", }, title: "Grafana vulnerable to spoofing originalUrl of snapshots", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-39324", datePublished: "2023-01-27T22:42:01.550Z", dateReserved: "2022-09-02T14:16:35.872Z", dateUpdated: "2024-08-03T12:00:44.040Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-19039
Vulnerability from cvelistv5
Published
2018-12-13 19:00
Modified
2024-08-05 11:23
Severity ?
EPSS score ?
Summary
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/105994 | vdb-entry, x_refsource_BID | |
| https://community.grafana.com/t/grafana-5-3-3-and-4-6-5-security-update/11961 | x_refsource_CONFIRM | |
| https://www.percona.com/blog/2018/11/20/how-cve-2018-19039-affects-percona-monitoring-and-management/ | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2019:0747 | vendor-advisory, x_refsource_REDHAT | |
| https://security.netapp.com/advisory/ntap-20190416-0004/ | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2019:0911 | vendor-advisory, x_refsource_REDHAT | |
| http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:23:08.805Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "105994", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/105994", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://community.grafana.com/t/grafana-5-3-3-and-4-6-5-security-update/11961", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.percona.com/blog/2018/11/20/how-cve-2018-19039-affects-percona-monitoring-and-management/", }, { name: "RHSA-2019:0747", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0747", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190416-0004/", }, { name: "RHSA-2019:0911", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0911", }, { name: "openSUSE-SU-2020:1611", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-11-23T00:00:00", descriptions: [ { lang: "en", value: "Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-04T17:06:09", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "105994", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/105994", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://community.grafana.com/t/grafana-5-3-3-and-4-6-5-security-update/11961", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.percona.com/blog/2018/11/20/how-cve-2018-19039-affects-percona-monitoring-and-management/", }, { name: "RHSA-2019:0747", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0747", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190416-0004/", }, { name: "RHSA-2019:0911", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0911", }, { name: "openSUSE-SU-2020:1611", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-19039", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "105994", refsource: "BID", url: "http://www.securityfocus.com/bid/105994", }, { name: "https://community.grafana.com/t/grafana-5-3-3-and-4-6-5-security-update/11961", refsource: "CONFIRM", url: "https://community.grafana.com/t/grafana-5-3-3-and-4-6-5-security-update/11961", }, { name: "https://www.percona.com/blog/2018/11/20/how-cve-2018-19039-affects-percona-monitoring-and-management/", refsource: "CONFIRM", url: "https://www.percona.com/blog/2018/11/20/how-cve-2018-19039-affects-percona-monitoring-and-management/", }, { name: "RHSA-2019:0747", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0747", }, { name: "https://security.netapp.com/advisory/ntap-20190416-0004/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190416-0004/", }, { name: "RHSA-2019:0911", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0911", }, { name: "openSUSE-SU-2020:1611", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-19039", datePublished: "2018-12-13T19:00:00", dateReserved: "2018-11-06T00:00:00", dateUpdated: "2024-08-05T11:23:08.805Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-28146
Vulnerability from cvelistv5
Published
2021-03-22 14:00
Modified
2024-08-03 21:33
Severity ?
EPSS score ?
Summary
The team sync HTTP API in Grafana Enterprise 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service, this vulnerability allows any authenticated user to add external groups to existing teams. This can be used to grant a user team permissions that the user isn't supposed to have.
References
| ▼ | URL | Tags |
|---|---|---|
| https://community.grafana.com/t/release-notes-v6-7-x/27119 | x_refsource_MISC | |
| https://grafana.com/products/enterprise/ | x_refsource_MISC | |
| https://www.openwall.com/lists/oss-security/2021/03/19/5 | x_refsource_CONFIRM | |
| https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ | x_refsource_CONFIRM | |
| https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 | x_refsource_MISC | |
| https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ | x_refsource_MISC | |
| https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:33:17.416Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/products/enterprise/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2021/03/19/5", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The team sync HTTP API in Grafana Enterprise 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service, this vulnerability allows any authenticated user to add external groups to existing teams. This can be used to grant a user team permissions that the user isn't supposed to have.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-22T14:28:35", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/products/enterprise/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.openwall.com/lists/oss-security/2021/03/19/5", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { tags: [ "x_refsource_MISC", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", }, { tags: [ "x_refsource_MISC", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-28146", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The team sync HTTP API in Grafana Enterprise 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service, this vulnerability allows any authenticated user to add external groups to existing teams. This can be used to grant a user team permissions that the user isn't supposed to have.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://community.grafana.com/t/release-notes-v6-7-x/27119", refsource: "MISC", url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { name: "https://grafana.com/products/enterprise/", refsource: "MISC", url: "https://grafana.com/products/enterprise/", }, { name: "https://www.openwall.com/lists/oss-security/2021/03/19/5", refsource: "CONFIRM", url: "https://www.openwall.com/lists/oss-security/2021/03/19/5", }, { name: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", refsource: "CONFIRM", url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { name: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", refsource: "MISC", url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { name: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", refsource: "MISC", url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", }, { name: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", refsource: "MISC", url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-28146", datePublished: "2021-03-22T14:00:36", dateReserved: "2021-03-11T00:00:00", dateUpdated: "2024-08-03T21:33:17.416Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2021-03-18 20:15
Modified
2024-11-21 05:57
Severity ?
Summary
The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/grafana/grafana/blob/master/CHANGELOG.md | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://github.com/grafana/grafana/blob/master/CHANGELOG.md#742-2021-02-17 | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-2/ | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20210513-0007/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/blob/master/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/blob/master/CHANGELOG.md#742-2021-02-17 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-2/ | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210513-0007/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| grafana | grafana | * | |
| netapp | e-series_performance_analyzer | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "0BE6AA9C-F31D-4F0D-B6FE-B144164C6FF6", versionEndIncluding: "7.4.1", versionStartIncluding: "6.7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*", matchCriteriaId: "24B8DB06-590A-4008-B0AB-FCD1401C77C6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.", }, { lang: "es", value: "La funcionalidad snapshot en Grafana versiones 6.7.3 hasta la 7.4.1, puede permitir a atacantes remotos no autenticados desencadenar una Denegación de Servicio por medio de una llamada de la API remota si es ajustada una configuración usada comúnmente", }, ], id: "CVE-2021-27358", lastModified: "2024-11-21T05:57:50.223", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-18T20:15:13.253", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#742-2021-02-17", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-2/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210513-0007/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#742-2021-02-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210513-0007/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-10 18:15
Modified
2024-11-21 06:29
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. For users who cannot upgrade, running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths. Alternatively, for fully lowercase or fully uppercase .md files, users can block /api/plugins/.*/markdown/.* without losing any functionality beyond inlined plugin help text.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "C8A7F175-5768-4685-A192-25B4D97FF0CC", versionEndExcluding: "7.5.12", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "072437F7-4A16-4373-9026-7C20B0D2AFB8", versionEndExcluding: "8.3.2", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. For users who cannot upgrade, running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths. Alternatively, for fully lowercase or fully uppercase .md files, users can block /api/plugins/.*/markdown/.* without losing any functionality beyond inlined plugin help text.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para la monitorización y la observabilidad. Grafana versiones anteriores a 8.3.2 y 7.5.12, contiene una vulnerabilidad de salto de directorio para archivos .md completamente en minúsculas o en mayúsculas. La vulnerabilidad presenta un alcance limitado y sólo permite el acceso a los archivos con la extensión .md a usuarios autentificados. Las instancias de Grafana Cloud no han sido afectadas por la vulnerabilidad. Los usuarios deben actualizar a las versiones parcheadas 8.3.2 o 7.5.12. Para usuarios que no puedan actualizar, la ejecución de un proxy inverso frente a Grafana que normalice el PATH de la petición mitigará la vulnerabilidad. El proxy también tendrá que ser capaz de manejar rutas codificadas con url. Alternativamente, para archivos .md completamente en minúsculas o en mayúsculas, los usuarios pueden bloquear /api/plugins/.*/markdown/.* sin perder ninguna funcionalidad más allá del texto de ayuda del plugin alineado", }, ], id: "CVE-2021-43813", lastModified: "2024-11-21T06:29:50.773", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-10T18:15:08.260", references: [ { source: "security-advisories@github.com", tags: [ "Mailing List", "Patch", "Release Notes", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/4", }, { source: "security-advisories@github.com", tags: [ "Broken Link", ], url: "https://github.com/github/securitylab-vulnerabilities/commit/689fc5d9fd665be4d5bba200a6a433b532172d0f", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d", }, { source: "security-advisories@github.com", tags: [ "Patch", "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2q", }, { source: "security-advisories@github.com", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-12/", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-2/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220107-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Release Notes", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://github.com/github/securitylab-vulnerabilities/commit/689fc5d9fd665be4d5bba200a6a433b532172d0f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2q", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-12/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220107-0006/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-03 22:15
Modified
2024-11-21 06:48
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including `grafana_session`. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the vulnerability you can disable datasource query caching for all datasources. This issue has been patched in versions 9.2.10 and 9.3.4.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8 | Exploit, Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8 | Exploit, Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20230309-0007/ |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "B926C39D-E8F9-431C-BA0A-9FA5927B7CAA", versionEndExcluding: "9.2.10", versionStartIncluding: "8.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "E8642012-7942-4810-8DB0-1894D3BF4662", versionEndExcluding: "9.3.4", versionStartIncluding: "9.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:8.3.0:beta1:*:*:*:*:*:*", matchCriteriaId: "08157012-0D58-4D9C-8589-09DD699BEA12", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:8.3.0:beta2:*:*:*:*:*:*", matchCriteriaId: "22D1FEBE-70C4-46FC-AD31-72C4CF793CA9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including `grafana_session`. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the vulnerability you can disable datasource query caching for all datasources. This issue has been patched in versions 9.2.10 and 9.3.4.\n", }, ], id: "CVE-2022-23498", lastModified: "2024-11-21T06:48:41.343", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.5, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-03T22:15:09.463", references: [ { source: "security-advisories@github.com", tags: [ "Exploit", "Mitigation", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mitigation", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20230309-0007/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-09-22 18:15
Modified
2024-11-21 07:12
Severity ?
7.6 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
3.8 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
3.8 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
Summary
Grafana is an open-source platform for monitoring and observability. In versions prior to 8.5.13, 9.0.9, and 9.1.6, Grafana is subject to Improper Preservation of Permissions resulting in privilege escalation on some folders where Admin is the only used permission. The vulnerability impacts Grafana instances where RBAC was disabled and enabled afterwards, as the migrations which are translating legacy folder permissions to RBAC permissions do not account for the scenario where the only user permission in the folder is Admin, as a result RBAC adds permissions for Editors and Viewers which allow them to edit and view folders accordingly. This issue has been patched in versions 8.5.13, 9.0.9, and 9.1.6. A workaround when the impacted folder/dashboard is known is to remove the additional permissions manually.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/grafana/grafana/security/advisories/GHSA-p978-56hq-r492 | Patch, Release Notes, Vendor Advisory | |
| security-advisories@github.com | https://security.netapp.com/advisory/ntap-20221215-0001/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/security/advisories/GHSA-p978-56hq-r492 | Patch, Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20221215-0001/ | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "60D90629-8174-4FC3-8D43-17655EF93F5E", versionEndExcluding: "8.5.13", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "FD0963EA-4EDA-417B-9CF2-609E4157AD8C", versionEndExcluding: "9.0.9", versionStartIncluding: "9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "E40D636D-3D90-46E1-84F2-13F186F55DB7", versionEndExcluding: "9.1.6", versionStartIncluding: "9.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. In versions prior to 8.5.13, 9.0.9, and 9.1.6, Grafana is subject to Improper Preservation of Permissions resulting in privilege escalation on some folders where Admin is the only used permission. The vulnerability impacts Grafana instances where RBAC was disabled and enabled afterwards, as the migrations which are translating legacy folder permissions to RBAC permissions do not account for the scenario where the only user permission in the folder is Admin, as a result RBAC adds permissions for Editors and Viewers which allow them to edit and view folders accordingly. This issue has been patched in versions 8.5.13, 9.0.9, and 9.1.6. A workaround when the impacted folder/dashboard is known is to remove the additional permissions manually.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para la monitorización y la observación. En versiones anteriores a 8.5.13, 9.0.9 y 9.1.6, Grafana está sujeta a una Preservación inapropiada de Permisos, lo que resulta en una escalada de privilegios en algunas carpetas donde Admin es el único permiso usado. La vulnerabilidad afecta a las instancias de Grafana en las que se deshabilitó RBAC y se habilitó después, ya que las migraciones que traducen los permisos de carpetas heredadas a permisos RBAC no tienen en cuenta el escenario en el que el único permiso de usuario en la carpeta es Admin, como resultado RBAC añade permisos para Editores y Visualizadores que les permiten editar y ver carpetas en consecuencia. Este problema ha sido parcheado en las versiones 8.5.13, 9.0.9 y 9.1.6. Una solución cuando se conoce la carpeta/el tablero afectado es eliminar los permisos adicionales manualmente", }, ], id: "CVE-2022-36062", lastModified: "2024-11-21T07:12:17.783", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4.7, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.8, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-09-22T18:15:10.307", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-p978-56hq-r492", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221215-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-p978-56hq-r492", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221215-0001/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-281", }, ], source: "security-advisories@github.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-02 17:15
Modified
2024-11-21 03:56
Severity ?
Summary
Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/grafana/grafana/issues/15293 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/grafana/grafana/pull/11813 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/grafana/grafana/releases/tag/v6.0.0 | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20200608-0008/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/issues/15293 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/pull/11813 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/releases/tag/v6.0.0 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20200608-0008/ | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "B5A57091-8B8C-48EE-AD42-0E16B2961231", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana 5.3.1 has XSS via the \"Dashboard > Text Panel\" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.", }, { lang: "es", value: "Grafana versión 5.3.1, presenta una vulnerabilidad de tipo XSS por medio de la pantalla \"Dashboard ) Text Panel\". NOTA: este problema se presenta debido a una corrección incompleta para CVE-2018-12099.", }, ], id: "CVE-2018-18623", lastModified: "2024-11-21T03:56:15.137", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-02T17:15:11.427", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/issues/15293", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/11813", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v6.0.0", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200608-0008/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/issues/15293", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/11813", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v6.0.0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200608-0008/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-29 16:15
Modified
2024-11-21 04:59
Severity ?
Summary
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| grafana | grafana | * | |
| fedoraproject | fedora | 31 | |
| fedoraproject | fedora | 32 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "BA7299FA-6F26-4156-A641-4261538E8FFE", versionEndIncluding: "6.3.6", versionStartIncluding: "6.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.", }, { lang: "es", value: "En determinados paquetes de Red Hat para Grafana versiones 6.x hasta 6.3.6, los archivos de configuración /etc/grafana/grafana.ini y /etc/grafana/ldap.toml (que contienen un secret_key y un bind_password) son de tipo world readable.", }, ], id: "CVE-2020-12459", lastModified: "2024-11-21T04:59:44.660", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-29T16:15:11.823", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2020-12459", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1829724", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://github.com/grafana/grafana/issues/8283", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200518-0004/", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://src.fedoraproject.org/rpms/grafana/c/fab93d67363eb0a9678d9faf160cc88237f26277", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2020-12459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1829724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/grafana/grafana/issues/8283", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200518-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://src.fedoraproject.org/rpms/grafana/c/fab93d67363eb0a9678d9faf160cc88237f26277", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-732", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-07 19:15
Modified
2024-11-21 06:29
Severity ?
Summary
Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "449504C1-1B9B-4D4E-940B-7107D6235AF3", versionEndExcluding: "8.0.7", versionStartIncluding: "8.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "53D52B8C-3355-4329-B222-4C3878A8F074", versionEndExcluding: "8.1.8", versionStartIncluding: "8.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "860C7085-A83F-4A15-8587-6A4A598D9141", versionEndExcluding: "8.2.7", versionStartIncluding: "8.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:8.0.0:beta1:*:*:*:*:*:*", matchCriteriaId: "0D8F31CD-1C2B-47F0-9629-D29AD700F689", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:8.0.0:beta2:*:*:*:*:*:*", matchCriteriaId: "CA972DB1-60A8-470F-86F5-A7AFB1C98666", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:8.0.0:beta3:*:*:*:*:*:*", matchCriteriaId: "4FF3AB6B-AAE8-41DF-BB0A-3FE119E826D1", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:8.3.0:*:*:*:*:*:*:*", matchCriteriaId: "DB249517-1BC4-4D6F-8C8F-D1744CFF4E4C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para la monitorización y la observación. Grafana versiones 8.0.0-beta1 hasta 8.3.0 (excepto las versiones parcheadas) son vulnerables a un salto de directorio, permitiendo el acceso a archivos locales. La ruta de la URL vulnerable es: \"(grafana_host_url)/public/plugins//\", donde está el ID del plugin para cualquier plugin instalado. En ningún momento Grafana Cloud ha sido vulnerable. Se aconseja a usuarios que actualicen a las versiones parcheadas 8.0.7, 8.1.8, 8.2.7 o 8.3.1. El aviso de seguridad de GitHub contiene más información sobre las rutas de URL vulnerables, la mitigación y el calendario de divulgación", }, ], id: "CVE-2021-43798", lastModified: "2024-11-21T06:29:48.737", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security-advisories@github.com", type: "Secondary", }, ], }, published: "2021-12-07T19:15:07.633", references: [ { source: "security-advisories@github.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165198/Grafana-Arbitrary-File-Reading.html", }, { source: "security-advisories@github.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165221/Grafana-8.3.0-Directory-Traversal-Arbitrary-File-Read.html", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/09/2", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/4", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/c798c0e958d15d9cc7f27c72113d572fa58545ce", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p", }, { source: "security-advisories@github.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/blog/2021/12/08/an-update-on-0day-cve-2021-43798-grafana-directory-traversal/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211229-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165198/Grafana-Arbitrary-File-Reading.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165221/Grafana-8.3.0-Directory-Traversal-Arbitrary-File-Read.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/09/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/c798c0e958d15d9cc7f27c72113d572fa58545ce", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/blog/2021/12/08/an-update-on-0day-cve-2021-43798-grafana-directory-traversal/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211229-0004/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "security-advisories@github.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-27 13:15
Modified
2024-11-21 04:56
Severity ?
Summary
Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/grafana/grafana/blob/master/CHANGELOG.md | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20200810-0002/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/blob/master/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20200810-0002/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| grafana | grafana | * | |
| netapp | e-series_performance_analyzer | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "84470D6D-BEC1-4BA8-A388-745D01973F70", versionEndIncluding: "6.7.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*", matchCriteriaId: "24B8DB06-590A-4008-B0AB-FCD1401C77C6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.", }, { lang: "es", value: "Grafana hasta la versión 6.7.1 permite un ataque de tipo XSS almacenado debido a la insuficiente protección de entrada en el campo originalUrl, lo que permite a un atacante inyectar código JavaScript que se ejecutará después de hacer clic en Open Original Dashboard después de visitar la instantánea", }, ], id: "CVE-2020-11110", lastModified: "2024-11-21T04:56:48.550", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-27T13:15:11.293", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200810-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200810-0002/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-06-17 13:15
Modified
2024-11-21 07:06
Severity ?
Summary
Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/BrotherOfJhonny/grafana/blob/main/README.md | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/grafana/grafana/issues/50336 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/BrotherOfJhonny/grafana/blob/main/README.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/issues/50336 | Exploit, Issue Tracking, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:8.4.3:*:*:*:*:*:*:*", matchCriteriaId: "F217504A-4756-40F0-8589-417B85664F95", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [ { sourceIdentifier: "cve@mitre.org", tags: [ "disputed", ], }, ], descriptions: [ { lang: "en", value: "Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability", }, { lang: "es", value: "** EN DISPUTA ** Grafana versión 8.4.3, permite el acceso no autenticado por medio de (por ejemplo) un URI /dashboard/snapshot/*?orgId=0. NOTA: el proveedor considera que esto es un error de la interfaz de usuario, no una vulnerabilidad", }, ], id: "CVE-2022-32276", lastModified: "2024-11-21T07:06:05.250", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-06-17T13:15:16.443", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/BrotherOfJhonny/grafana/blob/main/README.md", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/issues/50336", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/BrotherOfJhonny/grafana/blob/main/README.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/issues/50336", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-29 16:15
Modified
2024-11-21 04:59
Severity ?
Summary
An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| grafana | grafana | * | |
| redhat | ceph_storage | 3.0 | |
| redhat | ceph_storage | 4.0 | |
| redhat | enterprise_linux | 8.0 | |
| fedoraproject | fedora | 31 | |
| fedoraproject | fedora | 32 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "448ED4A6-404E-408B-8EF7-CFA3AB154CB4", versionEndIncluding: "6.7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*", matchCriteriaId: "516F4E8E-ED2F-4282-9DAB-D8B378F61258", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ceph_storage:4.0:*:*:*:*:*:*:*", matchCriteriaId: "D6E54096-5D45-4CB2-AC9A-DDB55BF2B94C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords).", }, { lang: "es", value: "Se encontró un fallo de divulgación de información en Grafana versiones hasta 6.7.3. El directorio de base de datos /var/lib/grafana y el archivo de base de datos /var/lib/grafana/grafana.db son de tipo world readable. Esto puede resultar en una exposición de información confidencial (por ejemplo, texto claro o contraseñas de fuentes de datos cifradas).", }, ], id: "CVE-2020-12458", lastModified: "2024-11-21T04:59:44.517", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-29T16:15:11.760", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2020-12458", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1827765", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/issues/8283", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200518-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2020-12458", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1827765", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/issues/8283", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200518-0001/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-732", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-22 15:15
Modified
2024-11-21 05:59
Severity ?
Summary
The team sync HTTP API in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service and having the EditorsCanAdmin feature enabled, this vulnerability allows any authenticated user to add external groups to any existing team. This can be used to grant a user team permissions that the user isn't supposed to have.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "57D0867F-AE3E-4527-B891-CE8DD0CC4536", versionEndExcluding: "6.7.6", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "B3EB7759-355F-4E65-8227-1BB21F74C167", versionEndExcluding: "7.3.10", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "7CFD90C0-68A4-40F8-82FF-4B161A38C378", versionEndExcluding: "7.4.5", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The team sync HTTP API in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service and having the EditorsCanAdmin feature enabled, this vulnerability allows any authenticated user to add external groups to any existing team. This can be used to grant a user team permissions that the user isn't supposed to have.", }, { lang: "es", value: "La API HTTP de sincronización de equipo en Grafana Enterprise versiones 6.x anteriores a 6.7.6, versiones 7.x anteriores a 7.3.10 y versiones 7.4.x anteriores a 7.4.5, presenta un problema de Control de Acceso Incorrecto. En las instancias de Grafana que usan un servicio de autenticación externo y presentan habilitada la funcionalidad EditorsCanAdmin, esta vulnerabilidad permite a cualquier usuario autenticado agregar grupos externos a cualquier equipo existente. Esto puede ser usado para otorgar a un equipo de usuarios permisos que se supone que el usuario no debe tener", }, ], id: "CVE-2021-28147", lastModified: "2024-11-21T05:59:10.893", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-22T15:15:14.537", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, { source: "cve@mitre.org", tags: [ "Product", "Vendor Advisory", ], url: "https://grafana.com/products/enterprise/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210430-0005/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2021/03/19/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Vendor Advisory", ], url: "https://grafana.com/products/enterprise/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210430-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2021/03/19/5", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-10-29 16:15
Modified
2024-11-08 17:59
Severity ?
2.2 (Low) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
Summary
Organization admins can delete pending invites created in an organization they are not part of.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@grafana.com | https://grafana.com/security/security-advisories/cve-2024-10452 | Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:10.4.0:*:*:*:*:*:*:*", matchCriteriaId: "61BED69F-519C-4264-8675-F27EC1D33AF7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Organization admins can delete pending invites created in an organization they are not part of.", }, { lang: "es", value: " Los administradores de la organización pueden eliminar las invitaciones pendientes creadas en una organización de la que no forman parte.", }, ], id: "CVE-2024-10452", lastModified: "2024-11-08T17:59:10.977", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 2.2, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 0.7, impactScore: 1.4, source: "security@grafana.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 2.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-10-29T16:15:04.593", references: [ { source: "security@grafana.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2024-10452", }, ], sourceIdentifier: "security@grafana.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-639", }, ], source: "security@grafana.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-639", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-08-29 15:29
Modified
2024-11-21 03:51
Severity ?
Summary
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/105184 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:3829 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:0019 | Third Party Advisory | |
| cve@mitre.org | https://grafana.com/blog/2018/08/29/grafana-5.2.3-and-4.6.4-released-with-important-security-fix/ | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3829 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:0019 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://grafana.com/blog/2018/08/29/grafana-5.2.3-and-4.6.4-released-with-important-security-fix/ | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "9C71899D-7F83-4225-9909-A92946D40993", versionEndIncluding: "2.1.2", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "77EFAAB9-3793-4EB2-93CD-A176BE99114F", versionEndIncluding: "3.1.1", versionStartIncluding: "3.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "0B6D532B-B26E-40A0-BB6B-F4212C81C486", versionEndExcluding: "4.6.4", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "94C5564A-BC37-4906-AF7B-4DB4E335C6DB", versionEndExcluding: "5.2.3", versionStartIncluding: "5.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*", matchCriteriaId: "516F4E8E-ED2F-4282-9DAB-D8B378F61258", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid \"remember me\" cookie knowing only a username of an LDAP or OAuth user.", }, { lang: "es", value: "Grafana en versiones 2.x, 3.x y 4.x anteriores a la 4.6.4 y versiones 5.x anteriores a la 5.2.3 permite la omisión de autenticación debido a que un atacante puede generar una cookie \"remember me\" válida conociendo solo el nombre de usuario de un usuario LDAP u OAuth.", }, ], id: "CVE-2018-15727", lastModified: "2024-11-21T03:51:20.950", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-08-29T15:29:00.240", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105184", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3829", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0019", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://grafana.com/blog/2018/08/29/grafana-5.2.3-and-4.6.4-released-with-important-security-fix/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105184", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3829", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0019", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://grafana.com/blog/2018/08/29/grafana-5.2.3-and-4.6.4-released-with-important-security-fix/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-03-07 18:15
Modified
2025-03-11 16:56
Severity ?
6.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *.
Doing this will grant the user access to read, query, edit and delete all data sources within the organization.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "256F06F9-C861-48F9-8317-A0F0133C0FBE", versionEndExcluding: "9.5.7", versionStartIncluding: "8.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "768ED1D5-DD09-4D2B-AD74-F5D1A03DF8D7", versionEndExcluding: "10.0.12", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "642B089C-E5B7-4AD4-B477-2579A8A1AB23", versionEndExcluding: "10.1.8", versionStartIncluding: "10.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "FF474EF5-B4C2-4CEF-86AD-55A116C9E15F", versionEndExcluding: "10.2.5", versionStartIncluding: "10.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "E4854C70-56B3-49ED-BF70-28673BD4E2D7", versionEndExcluding: "10.3.4", versionStartIncluding: "10.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: " A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *.\nDoing this will grant the user access to read, query, edit and delete all data sources within the organization.\n", }, { lang: "es", value: "Un usuario con permisos para crear una fuente de datos puede usar Grafana API para crear una fuente de datos con UID configurado en *. Hacer esto le otorgará al usuario acceso para leer, consultar, editar y eliminar todas las fuentes de datos dentro de la organización.", }, ], id: "CVE-2024-1442", lastModified: "2025-03-11T16:56:13.943", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 4.7, source: "security@grafana.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-03-07T18:15:46.590", references: [ { source: "security@grafana.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2024-1442/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2024-1442/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20241122-0007/", }, ], sourceIdentifier: "security@grafana.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "security@grafana.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-14 15:15
Modified
2025-02-13 18:15
Severity ?
5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
Grafana is an open-source platform for monitoring and observability. The CSV datasource plugin is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing CSV data from a remote endpoint configured by an administrator. If this plugin was configured to send requests to a bare host with no path (e.g. https://www.example.com/ https://www.example.com/` ), requests to an endpoint other than the one configured by the administrator could be triggered by a specially crafted request from any user, resulting in an SSRF vector. AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "69CFB8EE-4993-4F22-8A94-AE0000243671", versionEndExcluding: "0.6.13", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. The CSV datasource plugin is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing CSV data from a remote endpoint configured by an administrator. If this plugin was configured to send requests to a bare host with no path (e.g. https://www.example.com/ https://www.example.com/` ), requests to an endpoint other than the one configured by the administrator could be triggered by a specially crafted request from any user, resulting in an SSRF vector. AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator", }, { lang: "es", value: "Grafana es una plataforma de código abierto para monitoreo y observabilidad. El complemento de fuente de datos CSV es un complemento mantenido por Grafana Labs para Grafana que permite recuperar y procesar datos CSV desde un endpoint remoto configurado por un administrador. Si este complemento se configuró para enviar solicitudes a un host simple sin ruta (por ejemplo, https://www.example.com/ https://www.example.com/`), las solicitudes a un endpoint distinto al configurado por el administrador podría activarse mediante una solicitud especialmente manipulada por parte de cualquier usuario, lo que daría como resultado un vector SSRF. AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator", }, ], id: "CVE-2023-5122", lastModified: "2025-02-13T18:15:55.023", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 1.4, source: "security@grafana.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-14T15:15:08.437", references: [ { source: "security@grafana.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-5122/", }, { source: "security@grafana.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240503-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-5122/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240503-0002/", }, ], sourceIdentifier: "security@grafana.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-918", }, ], source: "security@grafana.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-918", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-21 16:15
Modified
2024-11-21 05:21
Severity ?
Summary
A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| grafana | grafana | * | |
| grafana | grafana | * | |
| grafana | grafana | * | |
| saml_project | saml | * | |
| redhat | openshift_container_platform | 3.11 | |
| redhat | openshift_container_platform | 4.0 | |
| redhat | openshift_service_mesh | 2.0 | |
| redhat | enterprise_linux | 8.0 | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "872A1196-96C5-40DA-941B-FF88E45A6419", versionEndExcluding: "6.7.5", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "15AA35B7-6A59-429F-AAC2-B8DB3D4C7883", versionEndExcluding: "7.2.3", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "F1FAD0D9-D1D2-4EB2-BB5A-63C76CA5593E", versionEndExcluding: "7.3.6", versionStartIncluding: "7.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saml_project:saml:*:*:*:*:*:*:*:*", matchCriteriaId: "2A60AF8E-5856-4747-9AD5-BD733E97B982", versionEndExcluding: "0.4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", matchCriteriaId: "2F87326E-0B56-4356-A889-73D026DB1D4B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*", matchCriteriaId: "932D137F-528B-4526-9A89-CD59FA1AB0FE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*", matchCriteriaId: "A76A2BCE-4AAE-46D7-93D6-2EDE0FC83145", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", }, { lang: "es", value: "Se presenta una vulnerabilidad de verificación de firmas en crewjam/saml. Este fallo permite a un atacante omitir la autenticación SAML. La mayor amenaza de esta vulnerabilidad es la confidencialidad, la integridad y la disponibilidad del sistema", }, ], id: "CVE-2020-27846", lastModified: "2024-11-21T05:21:55.503", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-21T16:15:13.067", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1907670", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YUTKIRWT6TWU7DS6GF3EOANVQBFQZYI/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICP3YRY2VUCNCF2VFUSK77ZMRIC77FEM/", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210205-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1907670", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YUTKIRWT6TWU7DS6GF3EOANVQBFQZYI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICP3YRY2VUCNCF2VFUSK77ZMRIC77FEM/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210205-0002/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-115", }, ], source: "secalert@redhat.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-15 20:15
Modified
2024-11-21 06:25
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Grafana is an open-source platform for monitoring and observability. In affected versions when the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance admins are able to access users from other organizations. Grafana 8.0 introduced a mechanism which allowed users with the Organization Admin role to list, add, remove, and update users’ roles in other organizations in which they are not an admin. With fine-grained access control enabled, organization admins can list, add, remove and update users' roles in another organization, where they do not have organization admin role. All installations between v8.0 and v8.2.3 that have fine-grained access control beta enabled and more than one organization should be upgraded as soon as possible. If you cannot upgrade, you should turn off the fine-grained access control using a feature flag.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "42E1A891-6ECB-4E41-8978-25CFAE582244", versionEndExcluding: "8.2.4", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. In affected versions when the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance admins are able to access users from other organizations. Grafana 8.0 introduced a mechanism which allowed users with the Organization Admin role to list, add, remove, and update users’ roles in other organizations in which they are not an admin. With fine-grained access control enabled, organization admins can list, add, remove and update users' roles in another organization, where they do not have organization admin role. All installations between v8.0 and v8.2.3 that have fine-grained access control beta enabled and more than one organization should be upgraded as soon as possible. If you cannot upgrade, you should turn off the fine-grained access control using a feature flag.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para la monitorización y la observabilidad. En las versiones afectadas, cuando la función beta de control de acceso de grano fino está habilitada y presenta más de una organización en la instancia de Grafana, los administradores pueden acceder a usuarios de otras organizaciones. Grafana versión 8.0 introdujo un mecanismo que permitía a usuarios con el rol de administrador de la organización listar, añadir, eliminar y actualizar los roles de los usuarios en otras organizaciones en las que no son administradores. Con el control de acceso de grano fino habilitado, los administradores de la organización pueden listar, añadir, eliminar y actualizar los roles de los usuarios en otra organización, donde no tienen el rol de administrador de la organización. Todas las instalaciones entre la v8.0 y la v8.2.3 que tengan habilitado el control de acceso detallado beta y más de una organización deben actualizarse lo antes posible. Si no es posible actualizar, es debido deshabilitar el control de acceso de grano fino usando un flag de función", }, ], id: "CVE-2021-41244", lastModified: "2024-11-21T06:25:51.997", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-15T20:15:19.970", references: [ { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/11/15/1", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-mpwp-42x6-4wmx", }, { source: "security-advisories@github.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/blog/2021/11/15/grafana-8.2.4-released-with-security-fixes/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211223-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/11/15/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-mpwp-42x6-4wmx", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/blog/2021/11/15/grafana-8.2.4-released-with-security-fixes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211223-0001/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-610", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-07-15 12:15
Modified
2024-11-21 07:03
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
8.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
8.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Summary
Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "38231605-A82E-4D32-893D-69A2FE01F808", versionEndExcluding: "8.3.10", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "A5136FB0-D7F8-4BDD-9C70-CB2648065A1F", versionEndExcluding: "8.4.10", versionStartIncluding: "8.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "7C2FAADE-D9EA-431C-ACFA-9F846F14B5A2", versionEndExcluding: "8.5.9", versionStartIncluding: "8.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "A29E8B3E-D3A9-49A4-ABCD-4E87F8B527DD", versionEndExcluding: "9.0.3", versionStartIncluding: "9.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*", matchCriteriaId: "24B8DB06-590A-4008-B0AB-FCD1401C77C6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para la monitorización y la observación. Las versiones de la rama 8.x y 9.x anteriores a 9.0.3, 8.5.6, 8.4.10 y 8.3.10, son vulnerables a un ataque de tipo cross-site scripting almacenado por medio de la función Unified Alerting de Grafana. Un atacante puede explotar esta vulnerabilidad para escalar el privilegio de editor a administrador al engañar a un administrador autenticado para que haga clic en un enlace. Las versiones 9.0.3, 8.5.6, 8.4.10 y 8.3.10 contienen un parche. Como mitigación, es posible deshabilitar las alertas o usar las alertas heredadas", }, ], id: "CVE-2022-31097", lastModified: "2024-11-21T07:03:53.317", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 5.2, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 5.8, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-15T12:15:08.903", references: [ { source: "security-advisories@github.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-5-9/", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-9-0-3/", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220901-0010/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-5-9/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-9-0-3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220901-0010/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-11 11:29
Modified
2024-11-21 03:44
Severity ?
Summary
Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/grafana/grafana/pull/11813 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/grafana/grafana/releases/tag/v5.2.0-beta1 | Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190416-0004/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/pull/11813 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/releases/tag/v5.2.0-beta1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190416-0004/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| grafana | grafana | * | |
| netapp | active_iq_performance_analytics_services | - | |
| netapp | storagegrid_webscale_nas_bridge | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "611F4F2D-6A65-48AD-9BF9-7E6C88A91839", versionEndIncluding: "5.1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*", matchCriteriaId: "83077160-BB98-408B-81F0-8EF9E566BF28", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:storagegrid_webscale_nas_bridge:-:*:*:*:*:*:*:*", matchCriteriaId: "9EB95AE0-8815-4F2B-9D2F-B9272D7BDF91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links.", }, { lang: "es", value: "Grafana en versiones anteriores a la 5.2.0-beta1 tiene vulnerabilidades Cross-Site Scripting (XSS) en los enlaces del cuadro de mandos.", }, ], id: "CVE-2018-12099", lastModified: "2024-11-21T03:44:35.770", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-11T11:29:00.413", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/11813", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v5.2.0-beta1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190416-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/11813", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v5.2.0-beta1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190416-0004/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-27 23:15
Modified
2024-11-21 07:18
Severity ?
6.7 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
3.5 (Low) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
3.5 (Low) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Summary
Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker’s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "777B6454-25E4-4999-8CD8-650913FF7566", versionEndExcluding: "8.5.16", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "0A9BAE29-AD6B-44E0-9FCE-2857E432FE2A", versionEndExcluding: "9.2.8", versionStartIncluding: "9.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker’s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para monitoreo y observabilidad. Antes de las versiones 8.5.16 y 9.2.8, los usuarios malintencionados podían crear una instantánea y elegir arbitrariamente el parámetro \"originalUrl\" editando la consulta, gracias a un proxy web. Cuando otro usuario abra la URL de la instantánea, se le presentará la interfaz web normal proporcionada por el servidor confiable de Grafana. El botón \"Abrir panel original\" ya no apunta al panel original real sino a la URL inyectada por el atacante. Este problema se solucionó en las versiones 8.5.16 y 9.2.8.", }, ], id: "CVE-2022-39324", lastModified: "2024-11-21T07:18:02.360", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.5, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-27T23:15:08.723", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/60232", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/60256", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/60232", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/60256", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20230309-0010/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security-advisories@github.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-08 20:15
Modified
2024-11-21 06:45
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin proxy and trick a user to visit this HTML page using a specially crafted link and execute a Cross-site Scripting (XSS) attack. The attacker could either compromise an existing datasource for a specific Grafana instance or either set up its own public service and instruct anyone to set it up in their Grafana instance. To be impacted, all of the following must be applicable. For the data source proxy: A Grafana HTTP-based datasource configured with Server as Access Mode and a URL set, the attacker has to be in control of the HTTP server serving the URL of above datasource, and a specially crafted link pointing at the attacker controlled data source must be clicked on by an authenticated user. For the plugin proxy: A Grafana HTTP-based app plugin configured and enabled with a URL set, the attacker has to be in control of the HTTP server serving the URL of above app, and a specially crafted link pointing at the attacker controlled plugin must be clocked on by an authenticated user. For the backend plugin resource: An attacker must be able to navigate an authenticated user to a compromised plugin through a crafted link. Users are advised to update to a patched version. There are no known workarounds for this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| grafana | grafana | * | |
| grafana | grafana | * | |
| grafana | grafana | 2.0.0 | |
| grafana | grafana | 2.0.0 | |
| netapp | e-series_performance_analyzer | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "EDAF22BC-1003-4EB9-8256-A7DEA894CCC1", versionEndExcluding: "7.5.15", versionStartIncluding: "2.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "16145A8D-9FF1-4EEE-8E29-198B408582B8", versionEndExcluding: "8.3.5", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:2.0.0:beta1:*:*:*:*:*:*", matchCriteriaId: "9C4FC3E6-8C85-4398-B270-5B0373C129B6", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:2.0.0:beta3:*:*:*:*:*:*", matchCriteriaId: "4C441D33-2494-4B4F-8C7D-3C0857FDD209", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:e-series_performance_analyzer:*:*:*:*:*:*:*:*", matchCriteriaId: "CC05F69D-6C6B-472D-87B7-84231F14CA8B", versionEndExcluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin proxy and trick a user to visit this HTML page using a specially crafted link and execute a Cross-site Scripting (XSS) attack. The attacker could either compromise an existing datasource for a specific Grafana instance or either set up its own public service and instruct anyone to set it up in their Grafana instance. To be impacted, all of the following must be applicable. For the data source proxy: A Grafana HTTP-based datasource configured with Server as Access Mode and a URL set, the attacker has to be in control of the HTTP server serving the URL of above datasource, and a specially crafted link pointing at the attacker controlled data source must be clicked on by an authenticated user. For the plugin proxy: A Grafana HTTP-based app plugin configured and enabled with a URL set, the attacker has to be in control of the HTTP server serving the URL of above app, and a specially crafted link pointing at the attacker controlled plugin must be clocked on by an authenticated user. For the backend plugin resource: An attacker must be able to navigate an authenticated user to a compromised plugin through a crafted link. Users are advised to update to a patched version. There are no known workarounds for this vulnerability.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para la monitorización y la observabilidad. En las versiones afectadas, un atacante podría servir contenido HTML mediante la fuente de datos de Grafana o el proxy del plugin y engañar a un usuario para que visite esta página HTML usando un enlace especialmente diseñado y ejecutar un ataque de tipo Cross-site Scripting (XSS). El atacante podría comprometer una fuente de datos existente para una instancia específica de Grafana o bien configurar su propio servicio público e instruir a cualquiera para que lo configure en su instancia de Grafana. Para ser impactado, todo lo siguiente debe ser aplicable. Para el proxy de la fuente de datos: Una fuente de datos basada en HTTP de Grafana configurada con Servidor como Modo de Acceso y una URL establecida, el atacante debe estar en control del servidor HTTP que sirve la URL de dicha fuente de datos, y un enlace especialmente diseñado que apunte a la fuente de datos controlada por el atacante debe ser pulsado por un usuario autenticado. Para el plugin proxy: Un plugin de Grafana basado en HTTP configurado y habilitado con un conjunto de URL, el atacante debe estar en control del servidor HTTP que sirve la URL de la aplicación anterior, y un enlace especialmente diseñado que apunte al plugin controlado por el atacante debe ser marcado por un usuario autenticado. Para el recurso del plugin backend: Un atacante debe ser capaz de dirigir a un usuario autenticado a un plugin comprometido mediante un enlace diseñado. Es recomendado a usuarios actualizar a una versión parcheada. No hay medidas de mitigación adicionales conocidas para esta vulnerabilidad", }, ], id: "CVE-2022-21702", lastModified: "2024-11-21T06:45:16.010", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 4.7, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-08T20:15:08.987", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/27726868b3d7c613844b55cd209ca93645c99b85", }, { source: "security-advisories@github.com", tags: [ "Exploit", "Mitigation", "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-xc3p-28hw-q24g", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220303-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/27726868b3d7c613844b55cd209ca93645c99b85", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mitigation", "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-xc3p-28hw-q24g", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220303-0005/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-22 14:15
Modified
2024-11-21 05:59
Severity ?
Summary
The team sync HTTP API in Grafana Enterprise 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service, this vulnerability allows any authenticated user to add external groups to existing teams. This can be used to grant a user team permissions that the user isn't supposed to have.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "7CFD90C0-68A4-40F8-82FF-4B161A38C378", versionEndExcluding: "7.4.5", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The team sync HTTP API in Grafana Enterprise 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service, this vulnerability allows any authenticated user to add external groups to existing teams. This can be used to grant a user team permissions that the user isn't supposed to have.", }, { lang: "es", value: "La API HTTP de sincronización de equipo en Grafana Enterprise versiones 7.4.x anteriores a 7.4.5, presenta un problema de Control de Acceso Incorrecto. En las instancias de Grafana que usan un servicio de autenticación externo, esta vulnerabilidad permite a cualquier usuario autenticado agregar grupos externos a los equipos existentes. Esto puede ser usado para otorgar a un equipo de usuarios permisos que se supone que el usuario no debe tener", }, ], id: "CVE-2021-28146", lastModified: "2024-11-21T05:59:10.723", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-22T14:15:14.100", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, { source: "cve@mitre.org", tags: [ "Product", "Vendor Advisory", ], url: "https://grafana.com/products/enterprise/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2021/03/19/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Vendor Advisory", ], url: "https://grafana.com/products/enterprise/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2021/03/19/5", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-28 14:15
Modified
2024-11-21 05:14
Severity ?
Summary
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01 | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://github.com/grafana/grafana/pull/25401 | Patch, Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20201123-0002/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/pull/25401 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20201123-0002/ | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "EB6DBF52-7C99-4B79-B3E6-17F724A47483", versionEndIncluding: "7.0.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.", }, { lang: "es", value: "Grafana versiones anteriores a 7.1.0-beta 1, permite un ataque de tipo XSS por medio de un alias de consulta de la fuente de datos de ElasticSearch", }, ], id: "CVE-2020-24303", lastModified: "2024-11-21T05:14:34.773", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-28T14:15:12.330", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/25401", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20201123-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/25401", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20201123-0002/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-09-20 23:15
Modified
2024-11-21 07:12
Severity ?
6.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
6.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
6.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "60D90629-8174-4FC3-8D43-17655EF93F5E", versionEndExcluding: "8.5.13", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "FD0963EA-4EDA-417B-9CF2-609E4157AD8C", versionEndExcluding: "9.0.9", versionStartIncluding: "9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "E40D636D-3D90-46E1-84F2-13F186F55DB7", versionEndExcluding: "9.1.6", versionStartIncluding: "9.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", matchCriteriaId: "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/", }, { lang: "es", value: "Grafana es una plataforma de código abierto para la monitorización y la observabilidad. Las versiones anteriores a 9.1.6 y 8.5.13, son vulnerables a una escalada de admin a server admin cuando es usado auth proxy, lo que permite a un admin tomar la cuenta de server admin y obtener el control total de la instancia de grafana. Todas las instalaciones deben ser actualizadas tan pronto como sea posible. Como mitigación, desactive el proxy de autenticación siguiendo las instrucciones en: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/", }, ], id: "CVE-2022-35957", lastModified: "2024-11-21T07:12:03.050", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.7, impactScore: 5.9, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.7, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-09-20T23:15:09.457", references: [ { source: "security-advisories@github.com", tags: [ "Vendor Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-ff5c-938w-8c9q", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYU5C2RITLHVZSTCWNGQWA6KSPYNXM2H/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221215-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-ff5c-938w-8c9q", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYU5C2RITLHVZSTCWNGQWA6KSPYNXM2H/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221215-0001/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-290", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-290", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-03-02 01:15
Modified
2024-11-21 07:44
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user interactions in order to be fully exploited. The vulnerability was possible due to React's render cycle that will pass though the unsanitized HTML code, but in the next cycle the HTML is cleaned up and saved in Grafana's database. An attacker needs to have the Editor role in order to change a Text panel to include JavaScript. Another user needs to edit the same Text panel, and click on "Markdown" or "HTML" for the code to be executed. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. This issue has been patched in versions 9.2.10 and 9.3.4.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "2145D69A-D240-4E87-80F1-08AC1F4E5DF3", versionEndExcluding: "9.2.10", versionStartIncluding: "9.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "E8642012-7942-4810-8DB0-1894D3BF4662", versionEndExcluding: "9.3.4", versionStartIncluding: "9.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin \"Text\". The stored XSS vulnerability requires several user interactions in order to be fully exploited. The vulnerability was possible due to React's render cycle that will pass though the unsanitized HTML code, but in the next cycle the HTML is cleaned up and saved in Grafana's database. An attacker needs to have the Editor role in order to change a Text panel to include JavaScript. Another user needs to edit the same Text panel, and click on \"Markdown\" or \"HTML\" for the code to be executed. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. This issue has been patched in versions 9.2.10 and 9.3.4.", }, ], id: "CVE-2023-22462", lastModified: "2024-11-21T07:44:51.170", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.2, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-03-02T01:15:11.727", references: [ { source: "security-advisories@github.com", tags: [ "Patch", ], url: "https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165", }, { source: "security-advisories@github.com", tags: [ "Vendor Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-7rqg-hjwc-6mjf", }, { source: "security-advisories@github.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-with-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230413-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-7rqg-hjwc-6mjf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-with-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230413-0004/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-02 17:15
Modified
2024-11-21 03:56
Severity ?
Summary
Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/grafana/grafana/pull/11813 | Exploit, Patch, Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20200608-0008/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/pull/11813 | Exploit, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20200608-0008/ |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "B5A57091-8B8C-48EE-AD42-0E16B2961231", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana 5.3.1 has XSS via a link on the \"Dashboard > All Panels > General\" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.", }, { lang: "es", value: "Grafana versión 5.3.1, presenta una vulnerabilidad de tipo XSS por medio de un enlace en la pantalla \"Dashboard ) All Panels ) General\". NOTA: este problema se presenta debido a una corrección incompleta para CVE-2018-12099.", }, ], id: "CVE-2018-18625", lastModified: "2024-11-21T03:56:15.443", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-02T17:15:11.567", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/11813", }, { source: "cve@mitre.org", url: "https://security.netapp.com/advisory/ntap-20200608-0008/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/11813", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20200608-0008/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-03 19:15
Modified
2024-11-21 05:01
Severity ?
Summary
The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| grafana | grafana | * | |
| fedoraproject | fedora | 31 | |
| fedoraproject | fedora | 32 | |
| netapp | e-series_performance_analyzer | - | |
| opensuse | leap | 15.2 | |
| opensuse | backports_sle | 15.0 | |
| opensuse | backports_sle | 15.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "3D50C8C6-6B30-44A6-8F1E-6915B9C19BEA", versionEndIncluding: "7.0.1", versionStartIncluding: "3.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*", matchCriteriaId: "24B8DB06-590A-4008-B0AB-FCD1401C77C6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", matchCriteriaId: "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", matchCriteriaId: "40513095-7E6E-46B3-B604-C926F1BA3568", vulnerable: true, }, { criteria: "cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*", matchCriteriaId: "67E82302-4B77-44F3-97B1-24C18AC4A35D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.", }, { lang: "es", value: "La funcionalidad avatar en Grafana versiones 3.0.1 hasta 7.0.1, presenta un problema de Control de Acceso Incorrecto de tipo SSRF. Esta vulnerabilidad permite que cualquier usuario y cliente no autenticado haga que Grafana envíe peticiones HTTP hacia cualquier URL y devuelva su resultado al usuario y cliente. Esto puede ser utilizado para conseguir información sobre la red en la que Grafana se está ejecutando. Además, pasar objetos URL inválidos podría ser usado para DOS'ing Grafana a través de SegFault", }, ], id: "CVE-2020-13379", lastModified: "2024-11-21T05:01:08.160", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-03T19:15:10.737", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00017.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/158320/Grafana-7.0.1-Denial-Of-Service.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/06/03/4", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/06/09/2", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://community.grafana.com/t/grafana-7-0-2-and-6-7-4-security-update/31408", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v7-0-x/29381", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/r0928ee574281f8b6156e0a6d0291bfc27100a9dd3f9b0177ece24ae4%40%3Cdev.ambari.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/r093b405a49fd31efa0d949ac1a887101af1ca95652a66094194ed933%40%3Cdev.ambari.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/r40f0a97b6765de6b8938bc212ee9dfb5101e9efa48bcbbdec02b2a60%40%3Cissues.ambari.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/r6670a6c29044bcb77d4e5d165b5bd13fffe37b84caa5d6471b13b3a2%40%3Cdev.ambari.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/r6bb57124a21bb638f552d81650c66684e70fc1ff9f40b6a8840171cd%40%3Cissues.ambari.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/r984c3b42a500f5a6a89fbee436b9432fada5dc27ebab04910aafe4da%40%3Cissues.ambari.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/rad99b06d7360a5cf6e394afb313f8901dcd4cb777aee9c9197b3b23d%40%3Cdev.ambari.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/rba0247a27be78bd14046724098462d058a9969400a82344b3007cf90%40%3Cdev.ambari.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/rd0fd283e3844b9c54cd5ecc92d966f96d3f4318815bbf3ac41f9c820%40%3Ccommits.ambari.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/re75f59639f3bc1d14c7ab362bc4485ade84f3c6a3c1a03200c20fe13%40%3Cissues.ambari.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/re7c4b251b52f49ba6ef752b829bca9565faaf93d03206b1db6644d31%40%3Cdev.ambari.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/rff71126fa7d9f572baafb9be44078ad409c85d2c0f3e26664f1ef5a2%40%3Cdev.ambari.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEKSZ6GE4EDOFZ23NGYWOCMD6O4JF5SO/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O2KSCCGKNEENZN3DW7TSPFBBUZH3YZXZ/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://mostwanted002.cf/post/grafanados/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://rhynorater.github.io/CVE-2020-13379-Write-Up", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200608-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/158320/Grafana-7.0.1-Denial-Of-Service.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/06/03/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/06/09/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://community.grafana.com/t/grafana-7-0-2-and-6-7-4-security-update/31408", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v7-0-x/29381", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r0928ee574281f8b6156e0a6d0291bfc27100a9dd3f9b0177ece24ae4%40%3Cdev.ambari.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r093b405a49fd31efa0d949ac1a887101af1ca95652a66094194ed933%40%3Cdev.ambari.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r40f0a97b6765de6b8938bc212ee9dfb5101e9efa48bcbbdec02b2a60%40%3Cissues.ambari.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r6670a6c29044bcb77d4e5d165b5bd13fffe37b84caa5d6471b13b3a2%40%3Cdev.ambari.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r6bb57124a21bb638f552d81650c66684e70fc1ff9f40b6a8840171cd%40%3Cissues.ambari.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r984c3b42a500f5a6a89fbee436b9432fada5dc27ebab04910aafe4da%40%3Cissues.ambari.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rad99b06d7360a5cf6e394afb313f8901dcd4cb777aee9c9197b3b23d%40%3Cdev.ambari.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rba0247a27be78bd14046724098462d058a9969400a82344b3007cf90%40%3Cdev.ambari.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rd0fd283e3844b9c54cd5ecc92d966f96d3f4318815bbf3ac41f9c820%40%3Ccommits.ambari.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/re75f59639f3bc1d14c7ab362bc4485ade84f3c6a3c1a03200c20fe13%40%3Cissues.ambari.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/re7c4b251b52f49ba6ef752b829bca9565faaf93d03206b1db6644d31%40%3Cdev.ambari.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rff71126fa7d9f572baafb9be44078ad409c85d2c0f3e26664f1ef5a2%40%3Cdev.ambari.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEKSZ6GE4EDOFZ23NGYWOCMD6O4JF5SO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O2KSCCGKNEENZN3DW7TSPFBBUZH3YZXZ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://mostwanted002.cf/post/grafanados/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://rhynorater.github.io/CVE-2020-13379-Write-Up", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200608-0006/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-918", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-10-05 18:15
Modified
2025-02-18 14:53
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Summary
Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "public_mode" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path: /api/snapshots-delete/:deleteKey. Regardless of the snapshot "public_mode" setting, authenticated users are able to delete the snapshot with the lowest database key by accessing the literal paths: /api/snapshots/:key, or /api/snapshots-delete/:deleteKey. The combination of deletion and viewing enables a complete walk through all snapshot data while resulting in complete snapshot data loss. This issue has been resolved in versions 8.1.6 and 7.5.11. If for some reason you cannot upgrade you can use a reverse proxy or similar to block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| grafana | grafana | * | |
| grafana | grafana | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 |
{ cisaActionDue: "2022-09-15", cisaExploitAdd: "2022-08-25", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Grafana Authentication Bypass Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "B3C34F75-9949-40B3-819E-3030A44B0174", versionEndExcluding: "7.5.11", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "3218296B-F9C5-4E9E-AE37-70A4296AC016", versionEndExcluding: "8.1.6", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot \"public_mode\" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path: /api/snapshots-delete/:deleteKey. Regardless of the snapshot \"public_mode\" setting, authenticated users are able to delete the snapshot with the lowest database key by accessing the literal paths: /api/snapshots/:key, or /api/snapshots-delete/:deleteKey. The combination of deletion and viewing enables a complete walk through all snapshot data while resulting in complete snapshot data loss. This issue has been resolved in versions 8.1.6 and 7.5.11. If for some reason you cannot upgrade you can use a reverse proxy or similar to block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects.", }, { lang: "es", value: "Grafana es una plataforma de visualización de datos de código abierto. En las versiones afectadas los usuarios no autenticados y autenticados son capaces de visualizar la snapshot con la clave de base de datos más baja accediendo a las rutas literales /dashboard/snapshot/:key, o /api/snapshots/:key. Si el ajuste de configuración \"public_mode\" de la snapshot se establece en true (frente a default o false), unos usuarios no autenticados pueden eliminar la snapshot con la clave de base de datos más baja al acceder a la ruta literal /api/snapshots-delete/:deleteKey. Independientemente de la configuración de \"public_mode\" de la snapshot, unos usuarios autenticados pueden eliminar la snapshot con la clave de base de datos más baja accediendo a las rutas literales: /api/snapshots/:key, o /api/snapshots-delete/:deleteKey. La combinación de borrado y visualización permite un recorrido completo mediante todos los datos de las snapshots mientras se produce una pérdida total de datos de las mismas. Este problema se ha resuelto en las versiones 8.1.6 y 7.5.11. Si por alguna razón no puede actualizar puede usar un proxy inverso o similar para bloquear el acceso a las rutas literales /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, y /api/snapshots/:key. No tienen ninguna función normal y pueden ser deshabilitadas sin efectos secundarios", }, ], id: "CVE-2021-39226", lastModified: "2025-02-18T14:53:42.247", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-10-05T18:15:07.947", references: [ { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/10/05/4", }, { source: "security-advisories@github.com", tags: [ "Patch", ], url: "https://github.com/grafana/grafana/commit/2d456a6375855364d098ede379438bf7f0667269", }, { source: "security-advisories@github.com", tags: [ "Exploit", "Mitigation", "Vendor Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-69j6-29vr-p3j9", }, { source: "security-advisories@github.com", tags: [ "Release Notes", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-11/", }, { source: "security-advisories@github.com", tags: [ "Release Notes", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-1-6/", }, { source: "security-advisories@github.com", tags: [ "Broken Link", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCKBFUSY6V4VU5AQUYWKISREZX5NLQJT/", }, { source: "security-advisories@github.com", tags: [ "Broken Link", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6ANHRDBXQT6TURLP2THM26ZPDINFBEG/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211029-0008/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/10/05/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/grafana/grafana/commit/2d456a6375855364d098ede379438bf7f0667269", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mitigation", "Vendor Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-69j6-29vr-p3j9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-11/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-1-6/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCKBFUSY6V4VU5AQUYWKISREZX5NLQJT/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6ANHRDBXQT6TURLP2THM26ZPDINFBEG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211029-0008/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-22 21:15
Modified
2025-02-13 17:16
Severity ?
9.4 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Grafana is validating Azure AD accounts based on the email claim.
On Azure AD, the profile email field is not unique and can be easily modified.
This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:-:*:*:*", matchCriteriaId: "83E4CB78-7F97-4B9A-B644-ED98761C6213", versionEndExcluding: "8.5.27", versionStartIncluding: "6.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "26C597A7-F2D1-4A33-BBBD-352669DB8E91", versionEndExcluding: "8.5.27", versionStartIncluding: "6.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:-:*:*:*", matchCriteriaId: "C47AA0E0-72E8-4235-8D27-7F579929D179", versionEndExcluding: "9.2.20", versionStartIncluding: "9.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "F825B098-EEA7-415F-A9EA-6E72D741E614", versionEndExcluding: "9.2.20", versionStartIncluding: "9.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:-:*:*:*", matchCriteriaId: "4F05305B-94D2-4687-8AE9-F55CE840B647", versionEndExcluding: "9.3.16", versionStartIncluding: "9.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "C32F2F70-18A1-47D6-8B5E-F20D096AEBD0", versionEndExcluding: "9.3.16", versionStartIncluding: "9.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:-:*:*:*", matchCriteriaId: "C40FF772-6C54-4B5C-BD5C-560E192B79F6", versionEndExcluding: "9.4.13", versionStartIncluding: "9.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "61DA1D1A-D969-492E-9A43-A99E9A918A5A", versionEndExcluding: "9.4.13", versionStartIncluding: "9.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:-:*:*:*", matchCriteriaId: "B08F1010-C1F8-4F29-A65D-D9A741F77AA3", versionEndExcluding: "9.5.4", versionStartIncluding: "9.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "E61B4ECF-7DC6-4487-9F27-8660BD8AD179", versionEndExcluding: "9.5.4", versionStartIncluding: "9.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is validating Azure AD accounts based on the email claim. \n\nOn Azure AD, the profile email field is not unique and can be easily modified. \n\nThis leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.", }, ], id: "CVE-2023-3128", lastModified: "2025-02-13T17:16:55.490", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 9.4, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.5, source: "security@grafana.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-22T21:15:09.573", references: [ { source: "security@grafana.com", tags: [ "Vendor Advisory", ], url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp", }, { source: "security@grafana.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-3128/", }, { source: "security@grafana.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230714-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-3128/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230714-0004/", }, ], sourceIdentifier: "security@grafana.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-290", }, ], source: "security@grafana.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-290", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-06-30 00:15
Modified
2024-11-21 04:24
Severity ?
Summary
public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5 allows HTML Injection in panel drilldown links (via the Title or url field).
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "D02B16B4-30E7-4E47-B14F-C39981C88786", versionEndExcluding: "6.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5 allows HTML Injection in panel drilldown links (via the Title or url field).", }, { lang: "es", value: "El archivo public/app/features/panel/panel_ctrl.ts en Grafana anterior a versión 6.2.5, permite Inyección HTML en los enlaces de desglose del panel (por medio del campo Title o url).", }, ], id: "CVE-2019-13068", lastModified: "2024-11-21T04:24:08.057", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-30T00:15:11.313", references: [ { source: "cve@mitre.org", url: "http://packetstormsecurity.com/files/171500/Grafana-6.2.4-HTML-Injection.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/issues/17718", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v6.2.5", }, { source: "cve@mitre.org", url: "https://security.netapp.com/advisory/ntap-20190710-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/171500/Grafana-6.2.4-HTML-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/issues/17718", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v6.2.5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20190710-0001/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-11-08 23:15
Modified
2024-11-21 07:18
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Grafana is an open-source platform for monitoring and observability. Versions starting with 9.2.0 and less than 9.2.4 contain a race condition in the authentication middlewares logic which may allow an unauthenticated user to query an administration endpoint under heavy load. This issue is patched in 9.2.4. There are no known workarounds.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "F0ED42D9-FCEE-4A77-8D62-7AE5BDFB603B", versionEndExcluding: "9.2.4", versionStartIncluding: "9.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Versions starting with 9.2.0 and less than 9.2.4 contain a race condition in the authentication middlewares logic which may allow an unauthenticated user to query an administration endpoint under heavy load. This issue is patched in 9.2.4. There are no known workarounds.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para monitorización y observabilidad. Las versiones que comienzan con 9.2.0 y menos que 9.2.4 contienen una condición de ejecución en la lógica del middleware de autenticación que puede permitir que un usuario no autenticado consulte un endpoint de administración bajo una carga pesada. Este problema se solucionó en 9.2.4. No se conocen workarounds.", }, ], id: "CVE-2022-39328", lastModified: "2024-11-21T07:18:02.917", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-11-08T23:15:11.737", references: [ { source: "security-advisories@github.com", tags: [ "Vendor Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-vqc4-mpj8-jxch", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221215-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-vqc4-mpj8-jxch", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221215-0003/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-362", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-362", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-13 22:15
Modified
2025-02-15 01:15
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Summary
A user changing their email after signing up and verifying it can change it without verification in profile settings.
The configuration option "verify_email_enabled" will only validate email only on sign up.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "F1B0912A-B5CC-42BE-93D4-0A501A0245FA", versionEndIncluding: "2.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:10.0.0:*:*:*:*:*:*:*", matchCriteriaId: "CB81DBAE-551A-41FD-BFB5-325C9E0BCA10", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:10.1.0:*:*:*:*:*:*:*", matchCriteriaId: "1A61A884-885C-4961-8263-682CC9EDBCE8", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:10.2.0:*:*:*:*:*:*:*", matchCriteriaId: "EE8E4C18-557B-4CD0-9EE5-DC4B8D5F20BC", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:10.3.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6206EA-DB68-4409-A694-74F47D6879D4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n", }, { lang: "es", value: "Un usuario que cambia su correo electrónico después de registrarse y verificarlo puede cambiarlo sin verificación en la configuración del perfil. La opción de configuración \"verify_email_enabled\" solo validará el correo electrónico al registrarse.", }, ], id: "CVE-2023-6152", lastModified: "2025-02-15T01:15:09.723", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "security@grafana.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-13T22:15:45.430", references: [ { source: "security@grafana.com", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f", }, { source: "security@grafana.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-6152/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-6152/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20250214-0008/", }, ], sourceIdentifier: "security@grafana.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-863", }, ], source: "security@grafana.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-10-13 23:15
Modified
2024-11-21 07:03
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Grafana is an open source observability and data visualization platform. Versions of Grafana for endpoints prior to 9.1.8 and 8.5.14 could leak authentication tokens to some destination plugins under some conditions. The vulnerability impacts data source and plugin proxy endpoints with authentication tokens. The destination plugin could receive a user's Grafana authentication token. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not use API keys, JWT authentication, or any HTTP Header based authentication.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "3959EA7C-8C8F-4CA2-B33F-F9BBAB8CD15C", versionEndExcluding: "8.5.14", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "E8E1ACC7-F43B-4395-A1FD-44CAEB43430D", versionEndExcluding: "9.1.8", versionStartIncluding: "9.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open source observability and data visualization platform. Versions of Grafana for endpoints prior to 9.1.8 and 8.5.14 could leak authentication tokens to some destination plugins under some conditions. The vulnerability impacts data source and plugin proxy endpoints with authentication tokens. The destination plugin could receive a user's Grafana authentication token. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not use API keys, JWT authentication, or any HTTP Header based authentication.", }, { lang: "es", value: "Grafana es una plataforma de código abierto de observabilidad y visualización de datos. Las versiones de Grafana para endpoints anteriores a 9.1.8 y 8.5.14, podrían filtrar tokens de autenticación a algunos plugins de destino bajo algunas condiciones. La vulnerabilidad afecta a los endpoints de origen de datos y proxy de plugins con tokens de autenticación. El plugin de destino podría recibir el token de autenticación de Grafana de un usuario. Las versiones 9.1.8 y 8.5.14 contienen un parche para este problema. Como mitigación, no use claves de API, autenticación JWT o cualquier autenticación basada en encabezados HTTP", }, ], id: "CVE-2022-31130", lastModified: "2024-11-21T07:03:57.583", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-10-13T23:15:09.637", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/4dd56e4dabce10007bf4ba1059bf54178c35b177", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/9da278c044ba605eb5a1886c48df9a2cb0d3885f", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-jv32-5578-pxjc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/4dd56e4dabce10007bf4ba1059bf54178c35b177", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/9da278c044ba605eb5a1886c48df9a2cb0d3885f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-jv32-5578-pxjc", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-522", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-08 21:15
Modified
2024-11-21 06:45
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. `/teams/:teamId` will allow an authenticated attacker to view unintended data by querying for the specific team ID, `/teams/:search` will allow an authenticated attacker to search for teams and see the total number of available teams, including for those teams that the user does not have access to, and `/teams/:teamId/members` when editors_can_admin flag is enabled, an authenticated attacker can see unintended data by querying for the specific team ID. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "7E542A7D-ABD6-401A-B091-9B51E458236A", versionEndExcluding: "7.5.15", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "16145A8D-9FF1-4EEE-8E29-198B408582B8", versionEndExcluding: "8.3.5", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:5.0.0:beta1:*:*:*:*:*:*", matchCriteriaId: "9109F31C-C109-48D0-A928-D5E61B6A9547", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:5.0.0:beta2:*:*:*:*:*:*", matchCriteriaId: "60242F49-9899-4B4A-BD2B-99EF2B7DD22F", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:5.0.0:beta3:*:*:*:*:*:*", matchCriteriaId: "98551C43-BD4C-40CD-92C5-6A3005022CF5", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:5.0.0:beta4:*:*:*:*:*:*", matchCriteriaId: "E76F5633-7F85-4162-BA13-6F1D887ECE83", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:5.0.0:beta5:*:*:*:*:*:*", matchCriteriaId: "FF03FBD9-5AA0-4171-9EC7-84BFBCBE48D4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:e-series_performance_analyzer:*:*:*:*:*:*:*:*", matchCriteriaId: "CC05F69D-6C6B-472D-87B7-84231F14CA8B", versionEndExcluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. `/teams/:teamId` will allow an authenticated attacker to view unintended data by querying for the specific team ID, `/teams/:search` will allow an authenticated attacker to search for teams and see the total number of available teams, including for those teams that the user does not have access to, and `/teams/:teamId/members` when editors_can_admin flag is enabled, an authenticated attacker can see unintended data by querying for the specific team ID. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para la monitorización y la observabilidad. Las versiones afectadas de Grafana exponen varios endpoints de la API que no manejan apropiadamente la autorización del usuario. El punto API \"/teams/:teamId\" permitirá a un atacante autenticado visualizar datos no deseados al consultar por el ID del equipo específico, \"/teams/:search\" permitirá a un atacante autenticado buscar equipos y visualizar el número total de equipos disponibles, incluyendo aquellos equipos a los que el usuario no presenta acceso, y \"/teams/:teamId/members\" cuando el flag editors_can_admin está habilitada, un atacante autenticado puede visualizar datos no deseados al consultar por el ID del equipo específico. Se recomienda a usuarios actualizar lo antes posible. No hay medidas de mitigación adicionales conocidas para este problema", }, ], id: "CVE-2022-21713", lastModified: "2024-11-21T06:45:17.460", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-08T21:15:20.223", references: [ { source: "security-advisories@github.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/45083", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-63g3-9jq3-mccv", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220303-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/45083", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-63g3-9jq3-mccv", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220303-0005/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-863", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-639", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-21 20:15
Modified
2024-11-21 06:53
Severity ?
Summary
An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in api_jsonrpc.php to discover the Zabbix account password and URL address.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://2k8.org/post-319.html | Exploit, Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20220425-0005/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://2k8.org/post-319.html | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20220425-0005/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| grafana | grafana | * | |
| redhat | ceph_storage | 3.0 | |
| redhat | ceph_storage | 4.0 | |
| redhat | ceph_storage | 5.0 | |
| redhat | storage | 3.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "D1352981-B332-49A3-B925-BBBB14778647", versionEndIncluding: "7.3.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*", matchCriteriaId: "516F4E8E-ED2F-4282-9DAB-D8B378F61258", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ceph_storage:4.0:*:*:*:*:*:*:*", matchCriteriaId: "D6E54096-5D45-4CB2-AC9A-DDB55BF2B94C", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*", matchCriteriaId: "4E37E1B3-6F68-4502-85D6-68333643BDFF", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*", matchCriteriaId: "379A5883-F6DF-41F5-9403-8D17F6605737", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in api_jsonrpc.php to discover the Zabbix account password and URL address.", }, { lang: "es", value: "Se ha detectado un problema en Grafana versiones hasta 7.3.4, cuando es integrado con Zabbix. La contraseña de Zabbix puede encontrarse en el código fuente HTML api_jsonrpc.php. Cuando el usuario inicia la sesión y permite que sea registrado, puede hacerse clic con el botón derecho para visualizar el código fuente y usar Ctrl-F para buscar la contraseña en el archivo api_jsonrpc.php para detectar la contraseña de la cuenta de Zabbix y la dirección URL", }, ], id: "CVE-2022-26148", lastModified: "2024-11-21T06:53:31.593", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-21T20:15:14.030", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://2k8.org/post-319.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220425-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://2k8.org/post-319.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220425-0005/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-312", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-20 15:29
Modified
2024-11-21 03:40
Severity ?
Summary
Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site Scripting (XSS) vulnerability in Influxdb and Graphite query editor that can result in Running arbitrary js code in victims browser.. This attack appear to be exploitable via Authenticated user must click on the input field where the payload was previously inserted..
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/grafana/grafana/issues/13667 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/issues/13667 | Exploit, Issue Tracking, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:5.2.4:*:*:*:*:*:*:*", matchCriteriaId: "E914E8CE-658C-4A9B-B5D8-F3DCE052B670", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:5.3.0:*:*:*:*:*:*:*", matchCriteriaId: "86BE4AA6-C45B-4CA4-B2D6-27D853E55AF1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site Scripting (XSS) vulnerability in Influxdb and Graphite query editor that can result in Running arbitrary js code in victims browser.. This attack appear to be exploitable via Authenticated user must click on the input field where the payload was previously inserted..", }, { lang: "es", value: "Grafana, en versiones confirmadas para la 5.2.4 y la 5.3.0 contiene una vulnerabilidad Cross-Site Scripting (XSS) en el editor de consultas de Influxdb y Graphite que puede resultar en la ejecución de código js arbitrario en el navegador de la víctima. Este ataque parece ser explotable si un usuario autenticado hace clic en el campo de entrada donde la carga útil se insertó previamente.", }, ], id: "CVE-2018-1000816", lastModified: "2024-11-21T03:40:25.107", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-20T15:29:00.643", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/issues/13667", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/issues/13667", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-08 21:15
Modified
2024-11-21 06:45
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows attackers to elevate their privileges by mounting cross-origin attacks against authenticated high-privilege Grafana users (for example, Editors or Admins). An attacker can exploit this vulnerability for privilege escalation by tricking an authenticated user into inviting the attacker as a new user with high privileges. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| grafana | grafana | * | |
| grafana | grafana | * | |
| grafana | grafana | 3.0.0 | |
| grafana | grafana | 3.0.0 | |
| grafana | grafana | 3.0.0 | |
| grafana | grafana | 3.0.0 | |
| grafana | grafana | 3.0.0 | |
| grafana | grafana | 3.0.0 | |
| grafana | grafana | 3.0.0 | |
| netapp | e-series_performance_analyzer | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "1F2335D6-B310-42E7-8FC8-25B8E2264829", versionEndExcluding: "7.5.15", versionStartIncluding: "3.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "16145A8D-9FF1-4EEE-8E29-198B408582B8", versionEndExcluding: "8.3.5", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:3.0.0:beta1:*:*:*:*:*:*", matchCriteriaId: "D738463C-2E39-42D3-A730-5A49594825CC", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:3.0.0:beta2:*:*:*:*:*:*", matchCriteriaId: "152CFB89-E06C-455E-8B72-016F44D33DA1", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:3.0.0:beta3:*:*:*:*:*:*", matchCriteriaId: "3E44CD01-FC42-4A90-B976-87E65F3C3E44", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:3.0.0:beta4:*:*:*:*:*:*", matchCriteriaId: "6B0D67F3-2D3C-4DB7-BF59-4719BCF8A613", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:3.0.0:beta5:*:*:*:*:*:*", matchCriteriaId: "1804B55D-0FAA-4529-9749-8342A779430D", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:3.0.0:beta6:*:*:*:*:*:*", matchCriteriaId: "EAF5DF18-EAD2-4888-B1B7-0506C0F893EB", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:3.0.0:beta7:*:*:*:*:*:*", matchCriteriaId: "9376D16C-2453-4E08-981C-4789F741FA5E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:e-series_performance_analyzer:*:*:*:*:*:*:*:*", matchCriteriaId: "CC05F69D-6C6B-472D-87B7-84231F14CA8B", versionEndExcluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows attackers to elevate their privileges by mounting cross-origin attacks against authenticated high-privilege Grafana users (for example, Editors or Admins). An attacker can exploit this vulnerability for privilege escalation by tricking an authenticated user into inviting the attacker as a new user with high privileges. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para la monitorización y la observabilidad. Las versiones afectadas están sujetas a una vulnerabilidad de tipo cross site request forgery que permite a atacantes elevar sus privilegios al montar ataques de origen cruzado contra usuarios autenticados de Grafana con altos privilegios (por ejemplo, editores o administradores). Un atacante puede explotar esta vulnerabilidad para una elevación de privilegios al engañar a un usuario autenticado para que invite al atacante como un nuevo usuario con altos privilegios. Se recomienda a usuarios actualizar lo antes posible. No hay medidas de mitigación adicionales conocidas para este problema", }, ], id: "CVE-2022-21703", lastModified: "2024-11-21T06:45:16.160", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 4.2, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-08T21:15:20.150", references: [ { source: "security-advisories@github.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/45083", }, { source: "security-advisories@github.com", tags: [ "Mitigation", "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-cmf4-h3xc-jw8w", }, { source: "security-advisories@github.com", tags: [ "Mitigation", "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220303-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/45083", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-cmf4-h3xc-jw8w", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220303-0005/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-05-20 16:15
Modified
2024-11-21 06:58
Severity ?
6.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L
8.5 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
8.5 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
Summary
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn’t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "FC55C7C9-9D9E-44CF-AA6E-68EF91ADBB3D", versionEndExcluding: "7.5.16", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "5ACB9723-0EAD-4B4D-BBB3-8F0B86314E19", versionEndExcluding: "8.5.3", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn’t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para la monitorización y la observabilidad. En Grafana Enterprise, la función de seguridad Request permite configurar Grafana de forma que la instancia no llame o sólo llame a determinados hosts. La vulnerabilidad presente a partir de la versión 7.4.0-beta1 y anteriores a las versiones 7.5.16 y 8.5.3 permite a alguien saltarse estas configuraciones de seguridad si un datasource malicioso (que se ejecuta en un host permitido) devuelve una redirección HTTP a un host prohibido. La vulnerabilidad sólo afecta a Grafana Enterprise cuando se utiliza la lista de permisos de seguridad de solicitud y existe la posibilidad de añadir un origen de datos personalizado a Grafana que devuelva redirecciones HTTP. En este escenario, Grafana seguiría ciegamente las redirecciones y potencialmente daría información segura a los clientes. Grafana Cloud no se ve afectado por esta vulnerabilidad. Las versiones 7.5.16 y 8.5.3 contienen un parche para este problema. Actualmente no hay soluciones conocidas", }, ], id: "CVE-2022-29170", lastModified: "2024-11-21T06:58:37.980", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4.9, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 4.7, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 4.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-05-20T16:15:09.513", references: [ { source: "security-advisories@github.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/49240", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v7.5.16", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v8.5.3", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-9rrr-6fq2-4f99", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220707-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/49240", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v7.5.16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v8.5.3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-9rrr-6fq2-4f99", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220707-0005/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-601", }, ], source: "security-advisories@github.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-06 19:15
Modified
2025-02-13 17:16
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Grafana is an open-source platform for monitoring and observability.
Using public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance.
The only feature that uses mixed queries at the moment is public dashboards, but it's also possible to cause this by calling the query API directly.
This might enable malicious users to crash Grafana instances through that endpoint.
Users may upgrade to version 9.4.12 and 9.5.3 to receive a fix.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "F7E1DC65-AEE9-4296-98A8-B0F8C0794B39", versionEndExcluding: "9.4.12", versionStartIncluding: "9.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "109E940E-B6B4-4E5A-A580-C58A26CD4392", versionEndExcluding: "9.5.3", versionStartIncluding: "9.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. \n\nUsing public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance.\n\nThe only feature that uses mixed queries at the moment is public dashboards, but it's also possible to cause this by calling the query API directly.\n\nThis might enable malicious users to crash Grafana instances through that endpoint.\n\nUsers may upgrade to version 9.4.12 and 9.5.3 to receive a fix.", }, ], id: "CVE-2023-2801", lastModified: "2025-02-13T17:16:22.810", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security@grafana.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-06T19:15:11.413", references: [ { source: "security@grafana.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-2801/", }, { source: "security@grafana.com", url: "https://security.netapp.com/advisory/ntap-20230706-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-2801/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20230706-0002/", }, ], sourceIdentifier: "security@grafana.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-820", }, ], source: "security@grafana.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-662", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-10-16 09:15
Modified
2025-02-13 18:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Grafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer, Organization Editor and Organization Admin roles in all organizations.
It also allows an Organization Admin to assign or revoke any permissions that they have to any user globally.
This means that any Organization Admin can elevate their own permissions in any organization that they are already a member of, or elevate or restrict the permissions of any other user.
The vulnerability does not allow a user to become a member of an organization that they are not already a member of, or to add any other users to an organization that the current user is not a member of.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "8CFCC7A6-6B10-4D58-943A-B06CC89E7CC3", versionEndExcluding: "9.4.16", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "C9F3F5A1-5ADC-4EAC-A5A7-45AC526CC1AA", versionEndExcluding: "9.5.11", versionStartIncluding: "9.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "BF4F5EE8-DF8D-4D2E-B5DD-A6B07B5D38D0", versionEndExcluding: "10.0.7", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "690FA2F5-C60D-48C6-9440-49D67FFEC735", versionEndExcluding: "10.1.3", versionStartIncluding: "10.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:10.1.4:*:*:*:enterprise:*:*:*", matchCriteriaId: "35945044-68EF-43DC-96FA-FB7B14BCCA87", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer, Organization Editor and Organization Admin roles in all organizations.\n\nIt also allows an Organization Admin to assign or revoke any permissions that they have to any user globally.\n\nThis means that any Organization Admin can elevate their own permissions in any organization that they are already a member of, or elevate or restrict the permissions of any other user.\n\nThe vulnerability does not allow a user to become a member of an organization that they are not already a member of, or to add any other users to an organization that the current user is not a member of.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para monitorización y observabilidad. La vulnerabilidad afecta las instancias de Grafana con varias organizaciones y permite a un usuario con permisos de Organization Admin en una organización cambiar los permisos asociados con los roles de Organization Viewer, Organization Editor and Organization Admin en todas las organizaciones. También permite que un Organization Admin asigne o revoque cualquier permiso que tenga para cualquier usuario a nivel mundial. Esto significa que cualquier Organization Admin puede elevar sus propios permisos en cualquier organización de la que ya sea miembro, y elevar o restringir los permisos de cualquier otro usuario. La vulnerabilidad no permite que un usuario se convierta en miembro de una organización de la que aún no es miembro, ni agregue otros usuarios a una organización de la que el usuario actual no es miembro.", }, ], id: "CVE-2023-4822", lastModified: "2025-02-13T18:15:47.807", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.5, source: "security@grafana.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-10-16T09:15:11.687", references: [ { source: "security@grafana.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-4822", }, { source: "security@grafana.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20231103-0008/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-4822", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20231103-0008/", }, ], sourceIdentifier: "security@grafana.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "security@grafana.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-269", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-11-09 23:15
Modified
2024-11-21 07:18
Severity ?
6.7 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is made to the `/api/user/password/sent-reset-email` URL. When the username or email does not exist, a JSON response contains a “user not found” message. This leaks information to unauthenticated users and introduces a security risk. This issue has been patched in 9.2.4 and backported to 8.5.15. There are no known workarounds.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "E14BE3CF-706D-46EF-BC46-176252F61AA4", versionEndExcluding: "8.5.15", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "3E1FE6F4-C2C8-432B-91AF-01A4D4036956", versionEndExcluding: "9.2.4", versionStartIncluding: "9.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is made to the `/api/user/password/sent-reset-email` URL. When the username or email does not exist, a JSON response contains a “user not found” message. This leaks information to unauthenticated users and introduces a security risk. This issue has been patched in 9.2.4 and backported to 8.5.15. There are no known workarounds.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para monitorización y observabilidad. Cuando se utiliza la opción de olvidar contraseña en la página de inicio de sesión, se realiza una solicitud POST a la URL `/api/user/password/sent-reset-email`. Cuando el nombre de usuario o el correo electrónico no existe, una respuesta JSON contiene un mensaje \"usuario no encontrado\". Esto filtra información a usuarios no autenticados e introduce un riesgo de seguridad. Este problema se solucionó en 9.2.4 y se actualizó a 8.5.15. No se conocen workarounds.", }, ], id: "CVE-2022-39307", lastModified: "2024-11-21T07:18:00.080", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.5, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-11-09T23:15:12.617", references: [ { source: "security-advisories@github.com", tags: [ "Vendor Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-3p62-42x7-gxg5", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221215-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-3p62-42x7-gxg5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221215-0004/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-209", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-09-03 12:15
Modified
2024-11-21 04:27
Severity ?
Summary
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "35B2F43D-9037-4FA6-853E-1B00E1E96457", versionEndExcluding: "5.4.5", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "52DED895-3E2B-4109-96D4-59EBA368A9BA", versionEndExcluding: "6.3.4", versionStartIncluding: "6.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.", }, { lang: "es", value: "En Grafana versión 2.x hasta la versión 6.x en versiones anteriores a la 6.3.4, partes de la API HTTP permiten el uso no autenticado. Esto hace posible ejecutar un ataque de denegación de servicio contra el servidor que ejecuta Grafana.", }, ], id: "CVE-2019-15043", lastModified: "2024-11-21T04:27:56.410", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-09-03T12:15:10.933", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://community.grafana.com/t/grafana-5-4-5-and-6-3-4-security-update/20569", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://community.grafana.com/t/release-notes-v6-3-x/19202", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/grafana/grafana/releases", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2019/08/29/grafana-5.4.5-and-6.3.4-released-with-important-security-fix/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RF5ARGYX3WYB7H2FDR7VAWTEQ27UX3FU/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UO4NBL7PKW4OSFRVZENGC42EWEJV2YAH/", }, { source: "cve@mitre.org", url: "https://security.netapp.com/advisory/ntap-20191004-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://community.grafana.com/t/grafana-5-4-5-and-6-3-4-security-update/20569", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://community.grafana.com/t/release-notes-v6-3-x/19202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/grafana/grafana/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2019/08/29/grafana-5.4.5-and-6.3.4-released-with-important-security-fix/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RF5ARGYX3WYB7H2FDR7VAWTEQ27UX3FU/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UO4NBL7PKW4OSFRVZENGC42EWEJV2YAH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20191004-0004/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-01-18 22:15
Modified
2024-11-21 06:45
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token (and no other user credentials) will forward the OAuth Identity of the most recently logged-in user. This can allow API token holders to retrieve data for which they may not have intended access. This attack relies on the Grafana instance having data sources that support the Forward OAuth Identity feature, the Grafana instance having a data source with the Forward OAuth Identity feature toggled on, the Grafana instance having OAuth enabled, and the Grafana instance having usable API keys. This issue has been patched in versions 7.5.13 and 8.3.4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| grafana | grafana | * | |
| grafana | grafana | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "DB832562-836C-4E18-8086-1260790CD2EE", versionEndExcluding: "7.5.13", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "4FE88214-73A3-43A6-9858-F8CDE027D1FA", versionEndExcluding: "8.3.4", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token (and no other user credentials) will forward the OAuth Identity of the most recently logged-in user. This can allow API token holders to retrieve data for which they may not have intended access. This attack relies on the Grafana instance having data sources that support the Forward OAuth Identity feature, the Grafana instance having a data source with the Forward OAuth Identity feature toggled on, the Grafana instance having OAuth enabled, and the Grafana instance having usable API keys. This issue has been patched in versions 7.5.13 and 8.3.4.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para la monitorización y la observabilidad. En las versiones afectadas, cuando una fuente de datos tiene habilitada la funcionalidad Forward OAuth Identity, el envío de una consulta a esa fuente de datos con un token de API (y sin otras credenciales de usuario) reenviará la OAuth Identity del usuario que haya iniciado sesión más recientemente. Esto puede permitir a poseedores de tokens de API recuperar datos a los que no presentan acceso previsto. Este ataque depende de que la instancia de Grafana tenga fuentes de datos que soporten la funcionalidad Forward OAuth Identity, de que la instancia de Grafana tenga una fuente de datos con la función Forward OAuth Identity activada, de que la instancia de Grafana tenga OAuth habilitado y de que la instancia de Grafana tenga claves de API usables. Este problema ha sido corregido en las versiones 7.5.13 y 8.3.4", }, ], id: "CVE-2022-21673", lastModified: "2024-11-21T06:45:12.247", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-01-18T22:15:07.873", references: [ { source: "security-advisories@github.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v7.5.13", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v8.3.4", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-8wjh-59cw-9xh4", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220303-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v7.5.13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v8.3.4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-8wjh-59cw-9xh4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220303-0004/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-27 23:15
Modified
2024-11-21 06:48
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because SVG files weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance.
An attacker needs to have the Editor role in order to change a panel to include either an external URL to a SVG-file containing JavaScript, or use the `data:` scheme to load an inline SVG-file containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard.
Users may upgrade to version 8.5.16, 9.2.10, or 9.3.4 to receive a fix.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "5BD0E7E3-A021-4B47-82B2-761FEBA27EFC", versionEndExcluding: "8.5.16", versionStartIncluding: "8.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "7CAA5402-01AD-4FF5-AABE-B227C035F1F4", versionEndExcluding: "9.2.10", versionStartIncluding: "9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "E8642012-7942-4810-8DB0-1894D3BF4662", versionEndExcluding: "9.3.4", versionStartIncluding: "9.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because SVG files weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. \n\nAn attacker needs to have the Editor role in order to change a panel to include either an external URL to a SVG-file containing JavaScript, or use the `data:` scheme to load an inline SVG-file containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \n\nUsers may upgrade to version 8.5.16, 9.2.10, or 9.3.4 to receive a fix.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para monitoreo y observabilidad. A partir de la rama 8.1 y antes de las versiones 8.5.16, 9.2.10 y 9.3.4, Grafana tenía una vulnerabilidad XSS almacenada que afectaba al complemento principal GeoMap. La vulnerabilidad XSS almacenada fue posible porque los archivos SVG no se desinfectaron adecuadamente y permitieron la ejecución de JavaScript arbitrario en el contexto del usuario actualmente autorizado de la instancia de Grafana. Un atacante debe tener la función de Editor para cambiar un panel para incluir una URL externa a un archivo SVG que contenga JavaScript o usar el esquema `datos:` para cargar un archivo SVG en línea que contenga JavaScript. Esto significa que es posible una escalada de privilegios vertical, donde un usuario con rol de editor puede cambiar a una contraseña conocida para un usuario que tiene rol de administrador si el usuario con rol de administrador ejecuta JavaScript malicioso al ver un panel. Los usuarios pueden actualizar a la versión 8.5.16, 9.2.10 o 9.3.4 para recibir una solución.", }, ], id: "CVE-2022-23552", lastModified: "2024-11-21T06:48:47.867", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 5.2, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-27T23:15:08.597", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/1c8a50b36973bd59a1cc5f34c30de8a9a6a431f0", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/8b574e22b53aa4c5a35032a58844fd4aaaa12f5f", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/c022534e3848a5d45c0b3face23b43aa44e4400a", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/62143", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-8xmm-x63g-f6xv", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/1c8a50b36973bd59a1cc5f34c30de8a9a6a431f0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/8b574e22b53aa4c5a35032a58844fd4aaaa12f5f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/c022534e3848a5d45c0b3face23b43aa44e4400a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/62143", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-8xmm-x63g-f6xv", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20230302-0008/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security-advisories@github.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-24 21:15
Modified
2024-11-21 04:59
Severity ?
Summary
Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "474989AC-354C-4AFB-8A3B-1A52ED4245B8", versionEndExcluding: "6.7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip.", }, { lang: "es", value: "Grafana versiones anteriores a la versiones 6.7.3, permite un ataque de tipo XSS del panel de tabla por medio de column.title o cellLinkTooltip.", }, ], id: "CVE-2020-12245", lastModified: "2024-11-21T04:59:22.397", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-24T21:15:13.920", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00017.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#673-2020-04-23", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/grafana/grafana/pull/23816", }, { source: "cve@mitre.org", url: "https://security.netapp.com/advisory/ntap-20200511-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#673-2020-04-23", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/grafana/grafana/pull/23816", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20200511-0001/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-03-01 16:15
Modified
2025-02-13 17:15
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Grafana is an open-source platform for monitoring and observability.
Starting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap.
The stored XSS vulnerability was possible due to map attributions weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance.
An attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript.
This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard.
Users may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "C69BD980-A7D8-4E4F-9D05-BD0FD13F5B24", versionEndExcluding: "8.5.21", versionStartIncluding: "8.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "C011698D-074B-486F-AACF-770F4EB94696", versionEndExcluding: "9.2.13", versionStartIncluding: "9.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "F026C7DA-A969-45F5-83AF-582651D1AA0A", versionEndExcluding: "9.3.8", versionStartIncluding: "9.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. \n\nThe stored XSS vulnerability was possible due to map attributions weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. \n\nAn attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript. \n\nThis means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \n\nUsers may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix.", }, ], id: "CVE-2023-0507", lastModified: "2025-02-13T17:15:55.760", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 5.2, source: "security@grafana.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-03-01T16:15:09.647", references: [ { source: "security@grafana.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-0507/", }, { source: "security@grafana.com", url: "https://security.netapp.com/advisory/ntap-20230413-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-0507/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20230413-0001/", }, ], sourceIdentifier: "security@grafana.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security@grafana.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-27 13:15
Modified
2024-11-21 04:59
Severity ?
Summary
Grafana version < 6.7.3 is vulnerable for annotation popup XSS.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "474989AC-354C-4AFB-8A3B-1A52ED4245B8", versionEndExcluding: "6.7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana version < 6.7.3 is vulnerable for annotation popup XSS.", }, { lang: "es", value: "Grafana versiones anteriores a la versión 6.7.3, es vulnerable a un ataque de tipo XSS del popup de anotaciones.", }, ], id: "CVE-2020-12052", lastModified: "2024-11-21T04:59:11.260", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-27T13:15:12.443", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { source: "cve@mitre.org", url: "https://security.netapp.com/advisory/ntap-20200511-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20200511-0001/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-03-01 16:15
Modified
2024-11-21 07:37
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Grafana is an open-source platform for monitoring and observability.
Starting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization.
The stored XSS vulnerability was possible due the value of a span's attributes/resources were not properly sanitized and this will be rendered when the span's attributes/resources are expanded.
An attacker needs to have the Editor role in order to change the value of a trace view visualization to contain JavaScript.
This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard.
Users may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "C8F0A695-0DD1-44B2-8E2E-34EB9E611038", versionEndExcluding: "8.5.21", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "C011698D-074B-486F-AACF-770F4EB94696", versionEndExcluding: "9.2.13", versionStartIncluding: "9.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "F026C7DA-A969-45F5-83AF-582651D1AA0A", versionEndExcluding: "9.3.8", versionStartIncluding: "9.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. \n\nThe stored XSS vulnerability was possible due the value of a span's attributes/resources were not properly sanitized and this will be rendered when the span's attributes/resources are expanded.\n\nAn attacker needs to have the Editor role in order to change the value of a trace view visualization to contain JavaScript. \n\nThis means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \n\nUsers may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix. \n\n", }, ], id: "CVE-2023-0594", lastModified: "2024-11-21T07:37:27.510", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 5.2, source: "security@grafana.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-03-01T16:15:09.743", references: [ { source: "security@grafana.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-0594/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-0594/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20230331-0007/", }, ], sourceIdentifier: "security@grafana.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security@grafana.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-10 21:15
Modified
2024-11-21 06:29
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Versions 8.3.2 and 7.5.12 contain a patch for this issue. There is a workaround available for users who cannot upgrade. Running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "9E8AA544-0EAE-40C6-8C0E-E1276C1A2D32", versionEndExcluding: "7.5.12", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "072437F7-4A16-4373-9026-7C20B0D2AFB8", versionEndExcluding: "8.3.2", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Versions 8.3.2 and 7.5.12 contain a patch for this issue. There is a workaround available for users who cannot upgrade. Running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para la monitorización y la observabilidad. Grafana versiones anteriores a 8.3.2 y 7.5.12, presenta un salto de directorios para archivos .csv arbitrarios. Sólo afecta a las instancias que tienen habilitada y configurada la herramienta de pruebas para desarrolladores llamada fuente de datos TestData DB. La vulnerabilidad presenta un alcance limitado y sólo permite el acceso a los archivos con la extensión .csv a usuarios autenticados. Las instancias de Grafana Cloud no se han visto afectadas por la vulnerabilidad. Las versiones 8.3.2 y 7.5.12 contienen un parche para este problema. Se presenta una solución disponible para usuarios que no pueden actualizar. Ejecutar un proxy inverso frente a Grafana que normalice el PATH de la petición mitigará la vulnerabilidad. El proxy también tendrá que ser capaz de manejar rutas codificadas con url", }, ], id: "CVE-2021-43815", lastModified: "2024-11-21T06:29:51.050", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-10T21:15:09.497", references: [ { source: "security-advisories@github.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/4", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/d6ec6f8ad28f0212e584406730f939105ff6c6d3", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v8.3.2", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-7533-c8qv-jm9m", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220107-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/d6ec6f8ad28f0212e584406730f939105ff6c6d3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v8.3.2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-7533-c8qv-jm9m", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220107-0006/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-11-09 22:15
Modified
2024-11-21 07:17
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Summary
Grafana is an open-source platform for monitoring and observability. Versions prior to 9.2.4, or 8.5.15 on the 8.X branch, are subject to Improper Input Validation. Grafana admins can invite other members to the organization they are an admin for. When admins add members to the organization, non existing users get an email invite, existing members are added directly to the organization. When an invite link is sent, it allows users to sign up with whatever username/email address the user chooses and become a member of the organization. This introduces a vulnerability which can be used with malicious intent. This issue is patched in version 9.2.4, and has been backported to 8.5.15. There are no known workarounds.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "0ECEA474-C936-4774-AB72-0446551C3D64", versionEndExcluding: "8.5.15", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "3E1FE6F4-C2C8-432B-91AF-01A4D4036956", versionEndExcluding: "9.2.4", versionStartIncluding: "9.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. Versions prior to 9.2.4, or 8.5.15 on the 8.X branch, are subject to Improper Input Validation. Grafana admins can invite other members to the organization they are an admin for. When admins add members to the organization, non existing users get an email invite, existing members are added directly to the organization. When an invite link is sent, it allows users to sign up with whatever username/email address the user chooses and become a member of the organization. This introduces a vulnerability which can be used with malicious intent. This issue is patched in version 9.2.4, and has been backported to 8.5.15. There are no known workarounds.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para monitorización y observabilidad. Las versiones anteriores a 9.2.4 u 8.5.15 en la rama 8.X están sujetas a una validación de entrada incorrecta. Los administradores de Grafana pueden invitar a otros miembros a la organización de la que son administradores. Cuando los administradores agregan miembros a la organización, los usuarios no existentes reciben una invitación por correo electrónico y los miembros existentes se agregan directamente a la organización. Cuando se envía un enlace de invitación, permite a los usuarios registrarse con cualquier nombre de usuario/dirección de correo electrónico que elijan y convertirse en miembros de la organización. Esto introduce una vulnerabilidad que puede utilizarse con intenciones maliciosas. Este problema se solucionó en la versión 9.2.4 y se actualizó a la 8.5.15. No se conocen workarounds alternativos.", }, ], id: "CVE-2022-39306", lastModified: "2024-11-21T07:17:59.950", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.2, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-11-09T22:15:16.303", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-2x6g-h2hg-rq84", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221215-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-2x6g-h2hg-rq84", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221215-0004/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-22 15:15
Modified
2024-11-21 05:59
Severity ?
Summary
One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. This allows any unauthenticated user to send an unlimited number of requests to the endpoint, leading to a denial of service (DoS) attack against a Grafana Enterprise instance.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "57D0867F-AE3E-4527-B891-CE8DD0CC4536", versionEndExcluding: "6.7.6", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "B3EB7759-355F-4E65-8227-1BB21F74C167", versionEndExcluding: "7.3.10", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "7CFD90C0-68A4-40F8-82FF-4B161A38C378", versionEndExcluding: "7.4.5", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. This allows any unauthenticated user to send an unlimited number of requests to the endpoint, leading to a denial of service (DoS) attack against a Grafana Enterprise instance.", }, { lang: "es", value: "Uno de los endpoints de la API HTTP de información de uso en Grafana Enterprise versiones 6.x anteriores a 6.7.6, versiones 7.x anteriores a 7.3.10 y versiones 7.4.x anteriores a 7.4.5, es accesible sin ninguna autenticación. Esto permite a cualquier usuario no autenticado enviar un número ilimitado de peticiones al endpoint, conllevando a un ataque de denegación de servicio (DoS) contra una instancia de Grafana Enterprise", }, ], id: "CVE-2021-28148", lastModified: "2024-11-21T05:59:11.060", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-22T15:15:14.597", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, { source: "cve@mitre.org", tags: [ "Product", "Vendor Advisory", ], url: "https://grafana.com/products/enterprise/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210430-0005/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2021/03/19/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Vendor Advisory", ], url: "https://grafana.com/products/enterprise/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210430-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2021/03/19/5", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-03 18:15
Modified
2024-11-21 06:25
Severity ?
6.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions. AngularJS uses double curly braces for interpolation binding: {{ }} ex: {{constructor.constructor(‘alert(1)’)()}}. When the user follows the link and the page renders, the login button will contain the original link with a query parameter to force a redirect to the login page. The URL is not validated and the AngularJS rendering engine will execute the JavaScript expression contained in the URL. Users are advised to upgrade as soon as possible. If for some reason you cannot upgrade, you can use a reverse proxy or similar to block access to block the literal string {{ in the path.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "A9B9C101-2003-4213-9B6D-B92CDD6C3370", versionEndExcluding: "8.2.3", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions. AngularJS uses double curly braces for interpolation binding: {{ }} ex: {{constructor.constructor(‘alert(1)’)()}}. When the user follows the link and the page renders, the login button will contain the original link with a query parameter to force a redirect to the login page. The URL is not validated and the AngularJS rendering engine will execute the JavaScript expression contained in the URL. Users are advised to upgrade as soon as possible. If for some reason you cannot upgrade, you can use a reverse proxy or similar to block access to block the literal string {{ in the path.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para la monitorización y la observabilidad. En las versiones afectadas, si un atacante es capaz de convencer a una víctima de que visite una URL que haga referencia a una página vulnerable, se puede ejecutar contenido JavaScript arbitrario en el contexto del navegador de la víctima. El usuario que visita el enlace malicioso debe no estar autenticado y el enlace debe ser para una página que contenga el botón de inicio de sesión en la barra de menú. La url tiene que estar diseñada para explotar el renderizado de AngularJS y contener el enlace de interpolación para las expresiones de AngularJS. AngularJS utiliza llaves dobles para la interpolación: {{ }} ej: {{constructor.constructor('alert(1)')()}}. Cuando el usuario sigue el enlace y la página se renderiza, el botón de inicio de sesión contendrá el enlace original con un parámetro de consulta para forzar una redirección a la página de inicio de sesión. La URL no se valida y el motor de renderizado de AngularJS ejecutará la expresión JavaScript contenida en la URL. Se recomienda a los usuarios que actualicen lo antes posible. Si por alguna razón no pueden actualizar, pueden utilizar un proxy inverso o similar para bloquear el acceso a la cadena literal {{ en la ruta", }, ], id: "CVE-2021-41174", lastModified: "2024-11-21T06:25:40.410", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 4.7, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-03T18:15:08.413", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/31b78d51c693d828720a5b285107a50e6024c912", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/3cb5214fa45eb5a571fd70d6c6edf0d729983f82", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/fb85ed691290d211a5baa44d9a641ab137f0de88", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-3j9m-hcv9-rpj8", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211125-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/31b78d51c693d828720a5b285107a50e6024c912", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/3cb5214fa45eb5a571fd70d6c6edf0d729983f82", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/fb85ed691290d211a5baa44d9a641ab137f0de88", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-3j9m-hcv9-rpj8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211125-0003/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-22 14:15
Modified
2024-11-21 05:58
Severity ?
Summary
Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "9E9735BD-3047-4AB2-96A8-B7C982CF3B60", versionEndExcluding: "7.3.10", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "7CFD90C0-68A4-40F8-82FF-4B161A38C378", versionEndExcluding: "7.4.5", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access.", }, { lang: "es", value: "Grafana Enterprise versiones 7.2.x y 7.3.x anteriores a 7.3.10 y versiones 7.4.x anteriores a 7.4.5, permite a un editor de tablero omitir una comprobación de permisos relacionada con una fuente de datos a la que no debería poder ser capaz de acceder", }, ], id: "CVE-2021-27962", lastModified: "2024-11-21T05:58:55.183", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4.9, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-22T14:15:14.023", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/19/5", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://community.grafana.com", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/19/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://community.grafana.com", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://community.grafana.com/t/release-notes-v6-7-x/27119", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-02 17:15
Modified
2024-11-21 03:56
Severity ?
Summary
Grafana 5.3.1 has XSS via a column style on the "Dashboard > Table Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "B5A57091-8B8C-48EE-AD42-0E16B2961231", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana 5.3.1 has XSS via a column style on the \"Dashboard > Table Panel\" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.", }, { lang: "es", value: "Grafana versión 5.3.1, presenta una vulnerabilidad de tipo XSS por medio de un estilo de columna en la pantalla \"Dashboard ) Table Panel\". NOTA: este problema se presenta debido a una corrección incompleta para CVE-2018-12099.", }, ], id: "CVE-2018-18624", lastModified: "2024-11-21T03:56:15.300", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-02T17:15:11.487", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/11813", }, { source: "cve@mitre.org", url: "https://security.netapp.com/advisory/ntap-20200608-0008/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/11813", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20200608-0008/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-05-24 18:15
Modified
2024-11-21 05:01
Severity ?
Summary
Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/grafana/grafana/pull/24539 | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/grafana/grafana/releases/tag/v7.0.0 | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20200528-0003/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/pull/24539 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/releases/tag/v7.0.0 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20200528-0003/ | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "095C0593-F773-43EF-9A75-78D2DC2895BB", versionEndExcluding: "7.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.", }, { lang: "es", value: "Grafana versiones anteriores a 7.0.0, permite un ataque de tipo XSS del valor de etiqueta por medio de la fuente de datos OpenTSDB.", }, ], id: "CVE-2020-13430", lastModified: "2024-11-21T05:01:14.780", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-05-24T18:15:10.097", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/24539", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v7.0.0", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200528-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/24539", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v7.0.0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200528-0003/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 17:15
Modified
2024-11-21 06:51
Severity ?
8.0 (High) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Grafana is an open-source platform for monitoring and observability. When fine-grained access control is enabled and a client uses Grafana API Key to make requests, the permissions for that API Key are cached for 30 seconds for the given organization. Because of the way the cache ID is constructed, the consequent requests with any API Key evaluate to the same permissions as the previous requests. This can lead to an escalation of privileges, when for example a first request is made with Admin permissions, and the second request with different API Key is made with Viewer permissions, the second request will get the cached permissions from the previous Admin, essentially accessing higher privilege than it should. The vulnerability is only impacting Grafana Enterprise when the fine-grained access control beta feature is enabled and there are more than one API Keys in one organization with different roles assigned. All installations after Grafana Enterprise v8.1.0-beta1 should be upgraded as soon as possible. As an alternative, disable fine-grained access control will mitigate the vulnerability.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "78D22073-11CA-4ED7-8A39-2DA3E142A74E", versionEndExcluding: "8.4.6", versionStartIncluding: "8.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. When fine-grained access control is enabled and a client uses Grafana API Key to make requests, the permissions for that API Key are cached for 30 seconds for the given organization. Because of the way the cache ID is constructed, the consequent requests with any API Key evaluate to the same permissions as the previous requests. This can lead to an escalation of privileges, when for example a first request is made with Admin permissions, and the second request with different API Key is made with Viewer permissions, the second request will get the cached permissions from the previous Admin, essentially accessing higher privilege than it should. The vulnerability is only impacting Grafana Enterprise when the fine-grained access control beta feature is enabled and there are more than one API Keys in one organization with different roles assigned. All installations after Grafana Enterprise v8.1.0-beta1 should be upgraded as soon as possible. As an alternative, disable fine-grained access control will mitigate the vulnerability.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para la monitorización y la observabilidad. Cuando el control de acceso de grano fino está habilitado y un cliente usa la API Key de Grafana para hacer peticiones, los permisos para esa API Key se almacenan en caché durante 30 segundos para la organización dada. Debido a la forma en que es construida el ID de la caché, las peticiones consecuentes con cualquier API Key son evaluadas con los mismos permisos que las peticiones anteriores. Esto puede conllevar a una escalada de privilegios, cuando por ejemplo una primera petición es realizada con permisos de Administrador, y la segunda petición con diferente API Key es realizada con permisos de Visor, la segunda petición obtendrá los permisos almacenados en caché del Administrador anterior, accediendo esencialmente a un privilegio mayor del que debería. La vulnerabilidad sólo afecta a Grafana Enterprise cuando la función beta de control de acceso de grano fino está habilitada y presenta más de una API Key en una organización con diferentes roles asignados. Todas las instalaciones posteriores a Grafana Enterprise v8.1.0-beta1 deberían actualizarse lo antes posible. Como alternativa, deshabilitar el control de acceso de grano fino mitigará la vulnerabilidad", }, ], id: "CVE-2022-24812", lastModified: "2024-11-21T06:51:09.210", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T17:15:09.503", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-82gq-xfg3-5j7v", }, { source: "security-advisories@github.com", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2022/04/12/grafana-enterprise-8.4.6-released-with-high-severity-security-fix/", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-4-6/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220519-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-82gq-xfg3-5j7v", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/blog/2022/04/12/grafana-enterprise-8.4.6-released-with-high-severity-security-fix/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-4-6/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220519-0005/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "security-advisories@github.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-07-15 13:15
Modified
2024-11-21 07:03
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user's external user id is not already associated with an account in Grafana, the malicious user's email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user's Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "84AA9DAD-BDBD-402E-B680-250A7295B57E", versionEndExcluding: "8.3.10", versionStartIncluding: "5.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "A5136FB0-D7F8-4BDD-9C70-CB2648065A1F", versionEndExcluding: "8.4.10", versionStartIncluding: "8.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "7C2FAADE-D9EA-431C-ACFA-9F846F14B5A2", versionEndExcluding: "8.5.9", versionStartIncluding: "8.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "A29E8B3E-D3A9-49A4-ABCD-4E87F8B527DD", versionEndExcluding: "9.0.3", versionStartIncluding: "9.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*", matchCriteriaId: "24B8DB06-590A-4008-B0AB-FCD1401C77C6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user's external user id is not already associated with an account in Grafana, the malicious user's email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user's Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para la monitorización y la observación. En versiones 5.3 hasta 9.0.3, 8.5.9, 8.4.10 y 8.3.10, es posible que un usuario malicioso que tenga autorización para iniciar sesión en una instancia de Grafana por medio de un IdP de OAuth configurado que proporcione un nombre de inicio de sesión, tome la cuenta de otro usuario en esa instancia de Grafana. Esto puede ocurrir cuando el usuario malicioso está autorizado a iniciar sesión en Grafana por medio de OAuth, el id de usuario externo del usuario malicioso no está ya asociado a una cuenta en Grafana, la dirección de correo electrónico del usuario malicioso no está ya asociada a una cuenta en Grafana, y el usuario malicioso conoce el nombre de usuario de Grafana del usuario objetivo. Si son cumplidas estas condiciones, el usuario malicioso puede establecer su nombre de usuario en el proveedor OAuth al del usuario objetivo, y luego pasar por el flujo OAuth para iniciar sesión en Grafana. Debido a la forma en que las cuentas de usuario externas e internas están vinculadas durante el inicio de sesión, si las condiciones anteriores son cumplidas, el usuario malicioso podrá iniciar sesión en la cuenta de Grafana del usuario objetivo. Las versiones 9.0.3, 8.5.9, 8.4.10 y 8.3.10 contienen un parche para este problema. Como mitigación, los usuarios afectados pueden deshabilitar el inicio de sesión de OAuth en su instancia de Grafana, o asegurarse de que todos los usuarios autorizados a iniciar sesión por medio de OAuth presentan una cuenta de usuario correspondiente en Grafana vinculada a su dirección de correo electrónico", }, ], id: "CVE-2022-31107", lastModified: "2024-11-21T07:03:54.563", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.5, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-15T13:15:08.397", references: [ { source: "security-advisories@github.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-mx47-6497-3fv2", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-5-9/", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-9-0-3/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220901-0010/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-mx47-6497-3fv2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-8-5-9/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/grafana/next/release-notes/release-notes-9-0-3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220901-0010/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-863", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-10-13 23:15
Modified
2024-11-21 07:17
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to 9.1.8 and 8.5.14 allow one user to block another user's login attempt by registering someone else'e email address as a username. A Grafana user’s username and email address are unique fields, that means no other user can have the same username or email address as another user. A user can have an email address as a username. However, the login system allows users to log in with either username or email address. Since Grafana allows a user to log in with either their username or email address, this creates an usual behavior where `user_1` can register with one email address and `user_2` can register their username as `user_1`’s email address. This prevents `user_1` logging into the application since `user_1`'s password won’t match with `user_2`'s email address. Versions 9.1.8 and 8.5.14 contain a patch. There are no workarounds for this issue.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "3959EA7C-8C8F-4CA2-B33F-F9BBAB8CD15C", versionEndExcluding: "8.5.14", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "E8E1ACC7-F43B-4395-A1FD-44CAEB43430D", versionEndExcluding: "9.1.8", versionStartIncluding: "9.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to 9.1.8 and 8.5.14 allow one user to block another user's login attempt by registering someone else'e email address as a username. A Grafana user’s username and email address are unique fields, that means no other user can have the same username or email address as another user. A user can have an email address as a username. However, the login system allows users to log in with either username or email address. Since Grafana allows a user to log in with either their username or email address, this creates an usual behavior where `user_1` can register with one email address and `user_2` can register their username as `user_1`’s email address. This prevents `user_1` logging into the application since `user_1`'s password won’t match with `user_2`'s email address. Versions 9.1.8 and 8.5.14 contain a patch. There are no workarounds for this issue.", }, { lang: "es", value: "Grafana es una plataforma de visualización de datos de código abierto para métricas, registros y trazas. Las versiones anteriores a 9.1.8 y 8.5.14 permiten que un usuario bloquee el intento de inicio de sesión de otro al registrar la dirección de correo electrónico de otra persona como nombre de usuario. El nombre de usuario y la dirección de correo electrónico de un usuario de Grafana son campos únicos, lo que significa que ningún otro usuario puede tener el mismo nombre de usuario o dirección de correo electrónico que otro usuario. Un usuario puede tener una dirección de correo electrónico como nombre de usuario. Sin embargo, el sistema de inicio de sesión permite a usuarios conectarse con cualquier nombre de usuario o dirección de correo electrónico. Dado que Grafana permite que un usuario sea registrado con su nombre de usuario o con su dirección de correo electrónico, esto crea un comportamiento habitual en el que \"user_1\" puede registrarse con una dirección de correo electrónico y \"user_2\" puede registrar su nombre de usuario como la dirección de correo electrónico de \"user_1\". Esto impide que \"user_1\" sea registrado en la aplicación, ya que la contraseña de \"user_1\" no coincide con la dirección de correo electrónico de \"user_2\". Las versiones 9.1.8 y 8.5.14 contienen un parche. No se presentan mitigaciones para este problema", }, ], id: "CVE-2022-39229", lastModified: "2024-11-21T07:17:50.027", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-10-13T23:15:10.937", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/5644758f0c5ae9955a4e5480d71f9bef57fdce35", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-gj7m-853r-289r", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/5644758f0c5ae9955a4e5480d71f9bef57fdce35", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-gj7m-853r-289r", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "security-advisories@github.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-05-20 15:15
Modified
2024-11-21 06:57
Severity ?
Summary
The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require authentication when X-Scope-OrgID is used. Versions 1.2.1, 1.3.1, and 1.4.0 contain the bugfix. This affects -auth.type=enterprise in microservices mode
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://grafana.com/docs/enterprise-logs/latest/gel-releases/#v121----may-3-2022 | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20220707-0004/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://grafana.com/docs/enterprise-logs/latest/gel-releases/#v121----may-3-2022 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20220707-0004/ | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "E8465C92-50B9-4910-BC9E-6EDA8DB884F8", versionEndExcluding: "1.2.1", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:1.3.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "86C85BFC-F214-42A1-BA85-8328CF82BD36", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require authentication when X-Scope-OrgID is used. Versions 1.2.1, 1.3.1, and 1.4.0 contain the bugfix. This affects -auth.type=enterprise in microservices mode", }, { lang: "es", value: "El componente querier en Grafana Enterprise Logs versiones 1.1.x hasta 1.3.x anteriores a 1.4.0, no requiere autenticación cuando es usado X-Scope-OrgID. Las versiones 1.2.1, 1.3.1 y 1.4.0, contienen una corrección de errores. Esto afecta a -auth.type=enterprise en el modo de microservicios", }, ], id: "CVE-2022-28660", lastModified: "2024-11-21T06:57:40.470", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-05-20T15:15:10.167", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/enterprise-logs/latest/gel-releases/#v121----may-3-2022", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220707-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://grafana.com/docs/enterprise-logs/latest/gel-releases/#v121----may-3-2022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220707-0004/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-03-23 08:15
Modified
2025-02-13 17:15
Severity ?
6.2 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Grafana is an open-source platform for monitoring and observability.
Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip.
The stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.
An attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description.
Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "F7482331-D381-4704-BF90-060DB1E279C1", versionEndExcluding: "8.5.22", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "79D0AE4D-AD37-45A8-A84B-FE675F2D2943", versionEndExcluding: "9.2.15", versionStartIncluding: "9.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "3D6B0083-7414-4C30-9C14-B4C4784F79DB", versionEndExcluding: "9.3.11", versionStartExcluding: "9.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. \n\nGrafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. \n\nThe stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.\n\nAn attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description. \n\n Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix.", }, ], id: "CVE-2023-1410", lastModified: "2025-02-13T17:15:58.630", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:N", version: "3.1", }, exploitabilityScore: 1, impactScore: 4.7, source: "security@grafana.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-03-23T08:15:12.470", references: [ { source: "security@grafana.com", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-qrrg-gw7w-vp76", }, { source: "security@grafana.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-1410/", }, { source: "security@grafana.com", url: "https://security.netapp.com/advisory/ntap-20230420-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-qrrg-gw7w-vp76", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-1410/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20230420-0003/", }, ], sourceIdentifier: "security@grafana.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security@grafana.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-10-17 08:15
Modified
2025-02-13 17:17
Severity ?
6.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Grafana is an open-source platform for monitoring and observability.
In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts.
However, the restriction can be bypassed used punycode encoding of the characters in the request address.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "63D6BD69-0021-4425-815E-BCC6DC6A844D", versionEndExcluding: "9.4.17", versionStartIncluding: "9.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "AE835FB5-83A3-4657-AE71-A6F42A0C6680", versionEndExcluding: "9.5.13", versionStartIncluding: "9.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "DC6EC05D-A16B-4DBD-9D2C-B63C5DE3B31E", versionEndExcluding: "10.0.9", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "4984FF92-7D1B-4A1A-9C2B-79E052CC8483", versionEndExcluding: "10.1.5", versionStartIncluding: "10.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. \n\nIn Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts.\n\nHowever, the restriction can be bypassed used punycode encoding of the characters in the request address.", }, { lang: "es", value: "Grafana es una plataforma de código abierto para monitorización y observabilidad. En Grafana Enterprise, la seguridad de solicitudes es una lista de denegación que permite a los administradores configurar Grafana de manera que la instancia no llame a hosts específicos. Sin embargo, la restricción se puede eludir utilizando la codificaciówn punycode de los caracteres en la dirección de solicitud.", }, ], id: "CVE-2023-4399", lastModified: "2025-02-13T17:17:18.783", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 4.7, source: "security@grafana.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-10-17T08:15:09.553", references: [ { source: "security@grafana.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-4399/", }, { source: "security@grafana.com", url: "https://security.netapp.com/advisory/ntap-20231208-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-4399/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20231208-0003/", }, ], sourceIdentifier: "security@grafana.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-183", }, ], source: "security@grafana.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-10-13 23:15
Modified
2024-11-21 07:17
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Grafana is an open source observability and data visualization platform. Starting with version 5.0.0-beta1 and prior to versions 8.5.14 and 9.1.8, Grafana could leak the authentication cookie of users to plugins. The vulnerability impacts data source and plugin proxy endpoints under certain conditions. The destination plugin could receive a user's Grafana authentication cookie. Versions 9.1.8 and 8.5.14 contain a patch for this issue. There are no known workarounds.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "149266FC-7D6C-4AB9-851C-F63549510405", versionEndExcluding: "8.5.14", versionStartIncluding: "5.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "E8E1ACC7-F43B-4395-A1FD-44CAEB43430D", versionEndExcluding: "9.1.8", versionStartIncluding: "9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:5.0.0:-:*:*:*:*:*:*", matchCriteriaId: "7D0F0AF7-BCA9-4FF3-BD21-01E7A129A30E", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:5.0.0:beta1:*:*:*:*:*:*", matchCriteriaId: "9109F31C-C109-48D0-A928-D5E61B6A9547", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:5.0.0:beta2:*:*:*:*:*:*", matchCriteriaId: "60242F49-9899-4B4A-BD2B-99EF2B7DD22F", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:5.0.0:beta3:*:*:*:*:*:*", matchCriteriaId: "98551C43-BD4C-40CD-92C5-6A3005022CF5", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:5.0.0:beta4:*:*:*:*:*:*", matchCriteriaId: "E76F5633-7F85-4162-BA13-6F1D887ECE83", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:5.0.0:beta5:*:*:*:*:*:*", matchCriteriaId: "FF03FBD9-5AA0-4171-9EC7-84BFBCBE48D4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open source observability and data visualization platform. Starting with version 5.0.0-beta1 and prior to versions 8.5.14 and 9.1.8, Grafana could leak the authentication cookie of users to plugins. The vulnerability impacts data source and plugin proxy endpoints under certain conditions. The destination plugin could receive a user's Grafana authentication cookie. Versions 9.1.8 and 8.5.14 contain a patch for this issue. There are no known workarounds.", }, { lang: "es", value: "Grafana es una plataforma de código abierto de observabilidad y visualización de datos. A partir de la versión 5.0.0-beta1 y versiones anteriores a 8.5.14 y 9.1.8, Grafana podía filtrar la cookie de autenticación de usuarios a los plugins. La vulnerabilidad afecta a los endpoints de la fuente de datos y del proxy del plugin bajo determinadas condiciones. El plugin de destino podría recibir la cookie de autenticación de Grafana de un usuario. Las versiones 9.1.8 y 8.5.14 contienen un parche para este problema. No se presentan mitigaciones conocidas", }, ], id: "CVE-2022-39201", lastModified: "2024-11-21T07:17:46.560", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-10-13T23:15:10.850", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/b571acc1dc130a33f24742c1f93b93216da6cf57", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/c658816f5229d17f877579250c07799d3bbaebc9", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-x744-mm8v-vpgr", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/b571acc1dc130a33f24742c1f93b93216da6cf57", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/commit/c658816f5229d17f877579250c07799d3bbaebc9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-x744-mm8v-vpgr", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-13 19:29
Modified
2024-11-21 03:57
Severity ?
Summary
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| grafana | grafana | * | |
| grafana | grafana | * | |
| redhat | ceph_storage | 3.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| netapp | active_iq_performance_analytics_services | - | |
| netapp | storagegrid_webscale_nas_bridge | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "5FE58A99-17A0-48EC-AFE1-0F42CC5C1622", versionEndExcluding: "4.6.5", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "24149E51-50CF-4054-BA52-DDF80B3630FF", versionEndExcluding: "5.3.3", versionStartIncluding: "5.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*", matchCriteriaId: "516F4E8E-ED2F-4282-9DAB-D8B378F61258", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*", matchCriteriaId: "83077160-BB98-408B-81F0-8EF9E566BF28", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:storagegrid_webscale_nas_bridge:-:*:*:*:*:*:*:*", matchCriteriaId: "9EB95AE0-8815-4F2B-9D2F-B9272D7BDF91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.", }, { lang: "es", value: "Grafana en versiones anteriores a la 4.6.5 y versiones 5.x anteriores a la 5.3.3 permite que usuarios autenticados remotos lean archivos arbitrarios aprovechando los permisos Editor o Admin.", }, ], id: "CVE-2018-19039", lastModified: "2024-11-21T03:57:12.097", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-13T19:29:00.403", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105994", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0747", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0911", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://community.grafana.com/t/grafana-5-3-3-and-4-6-5-security-update/11961", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190416-0004/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.percona.com/blog/2018/11/20/how-cve-2018-19039-affects-percona-monitoring-and-management/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105994", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0747", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0911", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://community.grafana.com/t/grafana-5-3-3-and-4-6-5-security-update/11961", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190416-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.percona.com/blog/2018/11/20/how-cve-2018-19039-affects-percona-monitoring-and-management/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-28 15:15
Modified
2024-11-21 04:34
Severity ?
Summary
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20200918-0003/ | Third Party Advisory | |
| cve@mitre.org | https://swarm.ptsecurity.com/grafana-6-4-3-arbitrary-file-read/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20200918-0003/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://swarm.ptsecurity.com/grafana-6-4-3-arbitrary-file-read/ | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "1212B5CD-7972-4810-B2E3-38AD743A3185", versionEndIncluding: "6.4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.", }, { lang: "es", value: "Grafana versiones anteriores a 6.4.3 incluyéndola, presenta una vulnerabilidad de Lectura Arbitraria de Archivos, que podría ser explotada por un atacante autenticado que tiene privilegios para modificar las configuraciones de la fuente de datos", }, ], id: "CVE-2019-19499", lastModified: "2024-11-21T04:34:50.603", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-28T15:15:11.953", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200918-0003/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://swarm.ptsecurity.com/grafana-6-4-3-arbitrary-file-read/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200918-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://swarm.ptsecurity.com/grafana-6-4-3-arbitrary-file-read/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-10-18 04:15
Modified
2025-03-14 10:15
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:11.0.0:*:*:*:*:*:*:*", matchCriteriaId: "876CCACF-B9AF-4358-AB56-58C86303B463", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.", }, { lang: "es", value: "La característica experimental SQL Expressions de Grafana permite la evaluación de consultas `duckdb` que contienen información del usuario. Estas consultas no se desinfectan lo suficiente antes de pasarlas a `duckdb`, lo que genera una vulnerabilidad de inyección de comandos e inclusión de archivos locales. Cualquier usuario con el permiso VIEWER o superior puede ejecutar este ataque. El binario `duckdb` debe estar presente en $PATH de Grafana para que este ataque funcione; de manera predeterminada, este binario no está instalado en las distribuciones de Grafana.", }, ], id: "CVE-2024-9264", lastModified: "2025-03-14T10:15:15.513", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 6, source: "security@grafana.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 9.4, baseSeverity: "CRITICAL", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "LOW", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "HIGH", subConfidentialityImpact: "HIGH", subIntegrityImpact: "HIGH", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "security@grafana.com", type: "Secondary", }, ], }, published: "2024-10-18T04:15:04.723", references: [ { source: "security@grafana.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2024-9264/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20250314-0007/", }, ], sourceIdentifier: "security@grafana.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "security@grafana.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-06 19:15
Modified
2025-02-13 17:16
Severity ?
4.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Summary
Grafana is an open-source platform for monitoring and observability.
The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function.
This might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server.
Users may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "48AB6EAA-1211-4E49-938E-7A6C57914A5B", versionEndExcluding: "8.5.26", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "60ED286C-003F-4D81-B26C-8B39A33B1327", versionEndExcluding: "9.2.19", versionStartIncluding: "9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "C45A8C03-0871-4F08-8285-EA8EF5B91132", versionEndExcluding: "9.3.15", versionStartIncluding: "9.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "F7E1DC65-AEE9-4296-98A8-B0F8C0794B39", versionEndExcluding: "9.4.12", versionStartIncluding: "9.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "109E940E-B6B4-4E5A-A580-C58A26CD4392", versionEndExcluding: "9.5.3", versionStartIncluding: "9.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. \n\nThe option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function.\n\nThis might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server.\n\nUsers may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix.", }, ], evaluatorComment: "Impact ", id: "CVE-2023-2183", lastModified: "2025-02-13T17:16:19.957", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 1.4, source: "security@grafana.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-06T19:15:11.277", references: [ { source: "security@grafana.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-cvm3-pp2j-chr3", }, { source: "security@grafana.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-2183/", }, { source: "security@grafana.com", url: "https://security.netapp.com/advisory/ntap-20230706-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-cvm3-pp2j-chr3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-2183/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20230706-0002/", }, ], sourceIdentifier: "security@grafana.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "security@grafana.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-26 14:15
Modified
2025-02-13 17:15
Severity ?
4.2 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Grafana is an open-source platform for monitoring and observability.
Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token.
By enabling the "url_login" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "5664FC02-E4AA-41EC-8EAA-300AD2272CC2", versionEndExcluding: "9.2.17", versionStartIncluding: "9.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "5A544263-545D-4D86-B29F-F7FC12E9A34F", versionEndExcluding: "9.3.13", versionStartIncluding: "9.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "99EBCA47-A3CD-4C20-B151-300D43426EB2", versionEndExcluding: "9.4.9", versionStartIncluding: "9.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. \n\nBy enabling the \"url_login\" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.", }, ], id: "CVE-2023-1387", lastModified: "2025-02-13T17:15:58.360", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 3.6, source: "security@grafana.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-26T14:15:09.430", references: [ { source: "security@grafana.com", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-5585-m9r5-p86j", }, { source: "security@grafana.com", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-1387/", }, { source: "security@grafana.com", url: "https://security.netapp.com/advisory/ntap-20230609-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-5585-m9r5-p86j", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com/security/security-advisories/cve-2023-1387/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20230609-0003/", }, ], sourceIdentifier: "security@grafana.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "security@grafana.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-10-13 22:15
Modified
2024-11-21 07:03
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Grafana is an open source observability and data visualization platform. Versions prior to 9.1.8 and 8.5.14 are vulnerable to a bypass in the plugin signature verification. An attacker can convince a server admin to download and successfully run a malicious plugin even though unsigned plugins are not allowed. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not install plugins downloaded from untrusted sources.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/grafana/grafana/releases/tag/v9.1.8 | Release Notes, Third Party Advisory | |
| security-advisories@github.com | https://github.com/grafana/grafana/security/advisories/GHSA-rhxj-gh46-jvw8 | Patch, Third Party Advisory | |
| security-advisories@github.com | https://security.netapp.com/advisory/ntap-20221124-0002/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/releases/tag/v9.1.8 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/security/advisories/GHSA-rhxj-gh46-jvw8 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20221124-0002/ | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "FDAE1A84-3ACC-4651-9FF8-B73F958DC2AC", versionEndExcluding: "8.5.14", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "E8E1ACC7-F43B-4395-A1FD-44CAEB43430D", versionEndExcluding: "9.1.8", versionStartIncluding: "9.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*", matchCriteriaId: "24B8DB06-590A-4008-B0AB-FCD1401C77C6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana is an open source observability and data visualization platform. Versions prior to 9.1.8 and 8.5.14 are vulnerable to a bypass in the plugin signature verification. An attacker can convince a server admin to download and successfully run a malicious plugin even though unsigned plugins are not allowed. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not install plugins downloaded from untrusted sources.", }, { lang: "es", value: "Grafana es una plataforma de código abierto de observabilidad y visualización de datos. Las versiones anteriores a 9.1.8 y 8.5.14, son vulnerables a una omisión en la verificación de la firma del plugin. Un atacante puede convencer a un administrador del servidor para que descargue y ejecute con éxito un plugin malicioso a pesar de que los plugins sin firma no están permitidos. Las versiones 9.1.8 y 8.5.14 contienen un parche para este problema. Como mitigación, no instale plugins descargados de fuentes no confiables", }, ], id: "CVE-2022-31123", lastModified: "2024-11-21T07:03:56.640", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 0.6, impactScore: 5.5, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-10-13T22:15:10.050", references: [ { source: "security-advisories@github.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-rhxj-gh46-jvw8", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221124-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/releases/tag/v9.1.8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/security/advisories/GHSA-rhxj-gh46-jvw8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221124-0002/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-347", }, ], source: "security-advisories@github.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-09-23 17:15
Modified
2024-11-21 04:29
Severity ?
Summary
An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL) are not encrypted. An admin user can reveal passwords for any data source by pressing the "Save and test" button within a data source's settings menu. When watching the transaction with Burp Proxy, the password for the data source is revealed and sent to the server. From a browser, a prompt to save the credentials is generated, and the password can be revealed by simply checking the "Show password" box.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/167244 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20191009-0002/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/167244 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20191009-0002/ | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:5.4.0:-:*:*:*:*:*:*", matchCriteriaId: "22E4022A-5F59-454F-8560-484AF773844A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL) are not encrypted. An admin user can reveal passwords for any data source by pressing the \"Save and test\" button within a data source's settings menu. When watching the transaction with Burp Proxy, the password for the data source is revealed and sent to the server. From a browser, a prompt to save the credentials is generated, and the password can be revealed by simply checking the \"Show password\" box.", }, { lang: "es", value: "Se detectó un problema en Grafana versión 5.4.0. Las contraseñas para las fuentes de datos usadas por Grafana (por ejemplo, MySQL) no están encriptadas. Un usuario administrador puede revelar contraseñas para cualquier fuente de datos presionando el botón \"Save and test\" dentro del menú de configuración de una fuente de datos. Al visualizar la transacción con Burp Proxy, la contraseña de la fuente de datos es revelada y se envía hacia el servidor. Desde un navegador, se genera un aviso para guardar las credenciales, y la contraseña puede ser revelada mediante la comprobación simple de la casilla \"Show password\"", }, ], id: "CVE-2019-15635", lastModified: "2024-11-21T04:29:10.110", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-09-23T17:15:11.173", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/167244", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20191009-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/167244", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20191009-0002/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-319", }, { lang: "en", value: "CWE-522", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-06-06 19:15
Modified
2024-11-21 07:06
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Grafana 8.4.3 allows reading files via (for example) a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd content
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:8.4.3:*:*:*:*:*:*:*", matchCriteriaId: "F217504A-4756-40F0-8589-417B85664F95", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [ { sourceIdentifier: "cve@mitre.org", tags: [ "disputed", ], }, ], descriptions: [ { lang: "en", value: "Grafana 8.4.3 allows reading files via (for example) a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd content", }, { lang: "es", value: "** EN DISPUTA ** Grafana versión 8.4.3, permite leer archivos por medio de (por ejemplo) un /dashboard/snapshot/%7B%7Bconstructor.constructor\"/. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTA: la posición del proveedor es que no hay ninguna vulnerabilidad; esta petición produce una página de error benigna, no el contenido de /etc/passwd.", }, ], id: "CVE-2022-32275", lastModified: "2024-11-21T07:06:05.020", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2022-06-06T19:15:09.813", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/BrotherOfJhonny/grafana", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/BrotherOfJhonny/grafana/blob/main/README.md", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/issues/50336", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/issues/50341#issuecomment-1155252393", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://grafana.com", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220715-0008/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/BrotherOfJhonny/grafana", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/BrotherOfJhonny/grafana/blob/main/README.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/issues/50336", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/grafana/grafana/issues/50341#issuecomment-1155252393", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://grafana.com", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220715-0008/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
var-201909-0885
Vulnerability from variot
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana. Grafana Contains an access control vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Grafana is a set of open source monitoring tools that provide a visual monitoring interface at Grafana Labs. This tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus.
An access control error vulnerability exists in Grafana that could be exploited by an attacker to cause a denial of service. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: grafana security, bug fix, and enhancement update Advisory ID: RHSA-2020:1659-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:1659 Issue date: 2020-04-28 CVE Names: CVE-2019-15043 ==================================================================== 1. Summary:
An update for grafana is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64
- Description:
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
The following packages have been upgraded to a later upstream version: grafana (6.3.6). (BZ#1725278)
Security Fix(es):
- grafana: incorrect access control in snapshot HTTP API leads to denial of service (CVE-2019-15043)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source: grafana-6.3.6-1.el8.src.rpm
aarch64: grafana-6.3.6-1.el8.aarch64.rpm grafana-azure-monitor-6.3.6-1.el8.aarch64.rpm grafana-cloudwatch-6.3.6-1.el8.aarch64.rpm grafana-debuginfo-6.3.6-1.el8.aarch64.rpm grafana-elasticsearch-6.3.6-1.el8.aarch64.rpm grafana-graphite-6.3.6-1.el8.aarch64.rpm grafana-influxdb-6.3.6-1.el8.aarch64.rpm grafana-loki-6.3.6-1.el8.aarch64.rpm grafana-mssql-6.3.6-1.el8.aarch64.rpm grafana-mysql-6.3.6-1.el8.aarch64.rpm grafana-opentsdb-6.3.6-1.el8.aarch64.rpm grafana-postgres-6.3.6-1.el8.aarch64.rpm grafana-prometheus-6.3.6-1.el8.aarch64.rpm grafana-stackdriver-6.3.6-1.el8.aarch64.rpm
ppc64le: grafana-6.3.6-1.el8.ppc64le.rpm grafana-azure-monitor-6.3.6-1.el8.ppc64le.rpm grafana-cloudwatch-6.3.6-1.el8.ppc64le.rpm grafana-debuginfo-6.3.6-1.el8.ppc64le.rpm grafana-elasticsearch-6.3.6-1.el8.ppc64le.rpm grafana-graphite-6.3.6-1.el8.ppc64le.rpm grafana-influxdb-6.3.6-1.el8.ppc64le.rpm grafana-loki-6.3.6-1.el8.ppc64le.rpm grafana-mssql-6.3.6-1.el8.ppc64le.rpm grafana-mysql-6.3.6-1.el8.ppc64le.rpm grafana-opentsdb-6.3.6-1.el8.ppc64le.rpm grafana-postgres-6.3.6-1.el8.ppc64le.rpm grafana-prometheus-6.3.6-1.el8.ppc64le.rpm grafana-stackdriver-6.3.6-1.el8.ppc64le.rpm
s390x: grafana-6.3.6-1.el8.s390x.rpm grafana-azure-monitor-6.3.6-1.el8.s390x.rpm grafana-cloudwatch-6.3.6-1.el8.s390x.rpm grafana-debuginfo-6.3.6-1.el8.s390x.rpm grafana-elasticsearch-6.3.6-1.el8.s390x.rpm grafana-graphite-6.3.6-1.el8.s390x.rpm grafana-influxdb-6.3.6-1.el8.s390x.rpm grafana-loki-6.3.6-1.el8.s390x.rpm grafana-mssql-6.3.6-1.el8.s390x.rpm grafana-mysql-6.3.6-1.el8.s390x.rpm grafana-opentsdb-6.3.6-1.el8.s390x.rpm grafana-postgres-6.3.6-1.el8.s390x.rpm grafana-prometheus-6.3.6-1.el8.s390x.rpm grafana-stackdriver-6.3.6-1.el8.s390x.rpm
x86_64: grafana-6.3.6-1.el8.x86_64.rpm grafana-azure-monitor-6.3.6-1.el8.x86_64.rpm grafana-cloudwatch-6.3.6-1.el8.x86_64.rpm grafana-debuginfo-6.3.6-1.el8.x86_64.rpm grafana-elasticsearch-6.3.6-1.el8.x86_64.rpm grafana-graphite-6.3.6-1.el8.x86_64.rpm grafana-influxdb-6.3.6-1.el8.x86_64.rpm grafana-loki-6.3.6-1.el8.x86_64.rpm grafana-mssql-6.3.6-1.el8.x86_64.rpm grafana-mysql-6.3.6-1.el8.x86_64.rpm grafana-opentsdb-6.3.6-1.el8.x86_64.rpm grafana-postgres-6.3.6-1.el8.x86_64.rpm grafana-prometheus-6.3.6-1.el8.x86_64.rpm grafana-stackdriver-6.3.6-1.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2019-15043 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXqhVtdzjgjWX9erEAQjjzQ//UMQ+3TmzrSdgb9VpHE0EhP2PMJi7A9oo aieBhGN/4wPHmCoH2XHNSQPLkrmJf49ZkIPYzPcoZjs/DQ/oy7J/dT/nVNsW9Aul /JSVeWjlgNqFn4gZFe5LCtgqzt48FL/hSt1NgPqmpZWmyx1JXThTOed3PcbptmLO FgIj3Lhs7kcZk/LTvXNC4L3UyhUn5PJK+mXzAtNWTvW0Ca2cWGRVCtbssI/m87IL AR84wXaVj8xW054DLlojDfigUFXTlJr4PFM6tfFJwxUzgev8Xb6Sg09PM48FEd2L B7f1W9xb/27cqj0BDapp3vj8+ViKDOIDGeDZxlxdFMkQaK1mHNWOuNiIZCiGBDVd ++OX/wjjxbnfUiRd/ounQLZadta4D9c6qs+xORwHaPVy6hAOeV9UELDY+nmXo3tO GDGPAmLyJqdYZR/4PO1O0Gp7/dOyL+51J57QpD/7coGrwAikkm9hF2bI1WabRe01 nx/DEFdjOtmHXPR7g41BroCr81bom+J7SCru9MotBCVUm5HbW42mhPxixkb70Tlu +yUfSLZFO5Ve8VTF+/eMx817pwLQP/a6lkbJzVwwCYMIsgaaEgKXPj5BLM5P7hKk HyvYc7bWku+csEfM2Cf0qHFIYYxgBqZIp14UU70MZ0J6HQIMWCHXJqngUAzkvqR4 k/AjDHhUTII=yev2 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201909-0885", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "grafana", scope: "gte", trust: 1, vendor: "grafana", version: "2.0.0", }, { model: "grafana", scope: "gte", trust: 1, vendor: "grafana", version: "6.0.0", }, { model: "grafana", scope: "lt", trust: 1, vendor: "grafana", version: "5.4.5", }, { model: "grafana", scope: "lt", trust: 1, vendor: "grafana", version: "6.3.4", }, { model: "grafana", scope: "eq", trust: 0.8, vendor: "grafana", version: "6.3.4", }, { model: "grafana", scope: "lt", trust: 0.8, vendor: "grafana", version: "6.x for up to 2.x", }, { model: "grafana", scope: "gte", trust: 0.6, vendor: "grafana", version: "2.*,<=6.*", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-30484", }, { db: "JVNDB", id: "JVNDB-2019-008892", }, { db: "NVD", id: "CVE-2019-15043", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:grafana:grafana", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-008892", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Red Hat", sources: [ { db: "PACKETSTORM", id: "157468", }, { db: "CNNVD", id: "CNNVD-201908-2274", }, ], trust: 0.7, }, cve: "CVE-2019-15043", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2019-15043", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2019-30484", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2019-15043", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-15043", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2019-15043", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2019-30484", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201908-2274", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2019-15043", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2019-30484", }, { db: "VULMON", id: "CVE-2019-15043", }, { db: "JVNDB", id: "JVNDB-2019-008892", }, { db: "CNNVD", id: "CNNVD-201908-2274", }, { db: "NVD", id: "CVE-2019-15043", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana. Grafana Contains an access control vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Grafana is a set of open source monitoring tools that provide a visual monitoring interface at Grafana Labs. This tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus. \n\nAn access control error vulnerability exists in Grafana that could be exploited by an attacker to cause a denial of service. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: grafana security, bug fix, and enhancement update\nAdvisory ID: RHSA-2020:1659-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2020:1659\nIssue date: 2020-04-28\nCVE Names: CVE-2019-15043\n====================================================================\n1. Summary:\n\nAn update for grafana is now available for Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. Description:\n\nGrafana is an open source, feature rich metrics dashboard and graph editor\nfor Graphite, InfluxDB & OpenTSDB. \n\nThe following packages have been upgraded to a later upstream version:\ngrafana (6.3.6). (BZ#1725278)\n\nSecurity Fix(es):\n\n* grafana: incorrect access control in snapshot HTTP API leads to denial of\nservice (CVE-2019-15043)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.2 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux AppStream (v. 8):\n\nSource:\ngrafana-6.3.6-1.el8.src.rpm\n\naarch64:\ngrafana-6.3.6-1.el8.aarch64.rpm\ngrafana-azure-monitor-6.3.6-1.el8.aarch64.rpm\ngrafana-cloudwatch-6.3.6-1.el8.aarch64.rpm\ngrafana-debuginfo-6.3.6-1.el8.aarch64.rpm\ngrafana-elasticsearch-6.3.6-1.el8.aarch64.rpm\ngrafana-graphite-6.3.6-1.el8.aarch64.rpm\ngrafana-influxdb-6.3.6-1.el8.aarch64.rpm\ngrafana-loki-6.3.6-1.el8.aarch64.rpm\ngrafana-mssql-6.3.6-1.el8.aarch64.rpm\ngrafana-mysql-6.3.6-1.el8.aarch64.rpm\ngrafana-opentsdb-6.3.6-1.el8.aarch64.rpm\ngrafana-postgres-6.3.6-1.el8.aarch64.rpm\ngrafana-prometheus-6.3.6-1.el8.aarch64.rpm\ngrafana-stackdriver-6.3.6-1.el8.aarch64.rpm\n\nppc64le:\ngrafana-6.3.6-1.el8.ppc64le.rpm\ngrafana-azure-monitor-6.3.6-1.el8.ppc64le.rpm\ngrafana-cloudwatch-6.3.6-1.el8.ppc64le.rpm\ngrafana-debuginfo-6.3.6-1.el8.ppc64le.rpm\ngrafana-elasticsearch-6.3.6-1.el8.ppc64le.rpm\ngrafana-graphite-6.3.6-1.el8.ppc64le.rpm\ngrafana-influxdb-6.3.6-1.el8.ppc64le.rpm\ngrafana-loki-6.3.6-1.el8.ppc64le.rpm\ngrafana-mssql-6.3.6-1.el8.ppc64le.rpm\ngrafana-mysql-6.3.6-1.el8.ppc64le.rpm\ngrafana-opentsdb-6.3.6-1.el8.ppc64le.rpm\ngrafana-postgres-6.3.6-1.el8.ppc64le.rpm\ngrafana-prometheus-6.3.6-1.el8.ppc64le.rpm\ngrafana-stackdriver-6.3.6-1.el8.ppc64le.rpm\n\ns390x:\ngrafana-6.3.6-1.el8.s390x.rpm\ngrafana-azure-monitor-6.3.6-1.el8.s390x.rpm\ngrafana-cloudwatch-6.3.6-1.el8.s390x.rpm\ngrafana-debuginfo-6.3.6-1.el8.s390x.rpm\ngrafana-elasticsearch-6.3.6-1.el8.s390x.rpm\ngrafana-graphite-6.3.6-1.el8.s390x.rpm\ngrafana-influxdb-6.3.6-1.el8.s390x.rpm\ngrafana-loki-6.3.6-1.el8.s390x.rpm\ngrafana-mssql-6.3.6-1.el8.s390x.rpm\ngrafana-mysql-6.3.6-1.el8.s390x.rpm\ngrafana-opentsdb-6.3.6-1.el8.s390x.rpm\ngrafana-postgres-6.3.6-1.el8.s390x.rpm\ngrafana-prometheus-6.3.6-1.el8.s390x.rpm\ngrafana-stackdriver-6.3.6-1.el8.s390x.rpm\n\nx86_64:\ngrafana-6.3.6-1.el8.x86_64.rpm\ngrafana-azure-monitor-6.3.6-1.el8.x86_64.rpm\ngrafana-cloudwatch-6.3.6-1.el8.x86_64.rpm\ngrafana-debuginfo-6.3.6-1.el8.x86_64.rpm\ngrafana-elasticsearch-6.3.6-1.el8.x86_64.rpm\ngrafana-graphite-6.3.6-1.el8.x86_64.rpm\ngrafana-influxdb-6.3.6-1.el8.x86_64.rpm\ngrafana-loki-6.3.6-1.el8.x86_64.rpm\ngrafana-mssql-6.3.6-1.el8.x86_64.rpm\ngrafana-mysql-6.3.6-1.el8.x86_64.rpm\ngrafana-opentsdb-6.3.6-1.el8.x86_64.rpm\ngrafana-postgres-6.3.6-1.el8.x86_64.rpm\ngrafana-prometheus-6.3.6-1.el8.x86_64.rpm\ngrafana-stackdriver-6.3.6-1.el8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-15043\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXqhVtdzjgjWX9erEAQjjzQ//UMQ+3TmzrSdgb9VpHE0EhP2PMJi7A9oo\naieBhGN/4wPHmCoH2XHNSQPLkrmJf49ZkIPYzPcoZjs/DQ/oy7J/dT/nVNsW9Aul\n/JSVeWjlgNqFn4gZFe5LCtgqzt48FL/hSt1NgPqmpZWmyx1JXThTOed3PcbptmLO\nFgIj3Lhs7kcZk/LTvXNC4L3UyhUn5PJK+mXzAtNWTvW0Ca2cWGRVCtbssI/m87IL\nAR84wXaVj8xW054DLlojDfigUFXTlJr4PFM6tfFJwxUzgev8Xb6Sg09PM48FEd2L\nB7f1W9xb/27cqj0BDapp3vj8+ViKDOIDGeDZxlxdFMkQaK1mHNWOuNiIZCiGBDVd\n++OX/wjjxbnfUiRd/ounQLZadta4D9c6qs+xORwHaPVy6hAOeV9UELDY+nmXo3tO\nGDGPAmLyJqdYZR/4PO1O0Gp7/dOyL+51J57QpD/7coGrwAikkm9hF2bI1WabRe01\nnx/DEFdjOtmHXPR7g41BroCr81bom+J7SCru9MotBCVUm5HbW42mhPxixkb70Tlu\n+yUfSLZFO5Ve8VTF+/eMx817pwLQP/a6lkbJzVwwCYMIsgaaEgKXPj5BLM5P7hKk\nHyvYc7bWku+csEfM2Cf0qHFIYYxgBqZIp14UU70MZ0J6HQIMWCHXJqngUAzkvqR4\nk/AjDHhUTII=yev2\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n", sources: [ { db: "NVD", id: "CVE-2019-15043", }, { db: "JVNDB", id: "JVNDB-2019-008892", }, { db: "CNVD", id: "CNVD-2019-30484", }, { db: "VULMON", id: "CVE-2019-15043", }, { db: "PACKETSTORM", id: "157468", }, ], trust: 2.34, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-15043", trust: 3.2, }, { db: "JVNDB", id: "JVNDB-2019-008892", trust: 0.8, }, { db: "PACKETSTORM", id: "157468", trust: 0.7, }, { db: "CNVD", id: "CNVD-2019-30484", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.1508", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.4190", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2492", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.4048.2", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3854", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.1298", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.1135", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.1727.2", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201908-2274", trust: 0.6, }, { db: "VULMON", id: "CVE-2019-15043", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2019-30484", }, { db: "VULMON", id: "CVE-2019-15043", }, { db: "JVNDB", id: "JVNDB-2019-008892", }, { db: "PACKETSTORM", id: "157468", }, { db: "CNNVD", id: "CNNVD-201908-2274", }, { db: "NVD", id: "CVE-2019-15043", }, ], }, id: "VAR-201909-0885", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2019-30484", }, ], trust: 0.06, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2019-30484", }, ], }, last_update_date: "2024-11-23T19:34:12.845000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Releases", trust: 0.8, url: "https://github.com/grafana/grafana/releases", }, { title: "Grafana 5.4.5 and 6.3.4 Security Update", trust: 0.8, url: "https://community.grafana.com/t/grafana-5-4-5-and-6-3-4-security-update/20569", }, { title: "Release Notes v6.3.x", trust: 0.8, url: "https://community.grafana.com/t/release-notes-v6-3-x/19202", }, { title: "1Grafana 5.4.5 and 6.3.4 Released with Important Security Fix", trust: 0.8, url: "https://grafana.com/blog/2019/08/29/grafana-5.4.5-and-6.3.4-released-with-important-security-fix/", }, { title: "Patch for Grafana Access Control Error Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/179003", }, { title: "Grafana Fixes for access control error vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97782", }, { title: "Red Hat: Moderate: grafana security, bug fix, and enhancement update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20201659 - Security Advisory", }, { title: "Arch Linux Issues: ", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2019-15043", }, { title: "CVE-2019-15043 POC", trust: 0.1, url: "https://github.com/h0ffayyy/CVE-2019-15043 ", }, { title: "CVE-POC", trust: 0.1, url: "https://github.com/n1sh1th/CVE-POC ", }, { title: "F5の脆弱性情報", trust: 0.1, url: "https://github.com/DNTYO/F5_Vulnerability ", }, { title: "Nuclei Templates\nResources", trust: 0.1, url: "https://github.com/merlinepedra25/nuclei-templates ", }, { title: "Nuclei Templates\nResources", trust: 0.1, url: "https://github.com/merlinepedra/nuclei-templates ", }, { title: "Kenzer Templates [1289]", trust: 0.1, url: "https://github.com/Elsfa7-110/kenzer-templates ", }, { title: "PoC in GitHub", trust: 0.1, url: "https://github.com/developer3000S/PoC-in-GitHub ", }, { title: "PoC in GitHub", trust: 0.1, url: "https://github.com/hectorgie/PoC-in-GitHub ", }, { title: "PoC in GitHub", trust: 0.1, url: "https://github.com/0xT11/CVE-POC ", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-30484", }, { db: "VULMON", id: "CVE-2019-15043", }, { db: "JVNDB", id: "JVNDB-2019-008892", }, { db: "CNNVD", id: "CNNVD-201908-2274", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-306", trust: 1, }, { problemtype: "CWE-284", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-008892", }, { db: "NVD", id: "CVE-2019-15043", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://community.grafana.com/t/grafana-5-4-5-and-6-3-4-security-update/20569", }, { trust: 1.7, url: "https://grafana.com/blog/2019/08/29/grafana-5.4.5-and-6.3.4-released-with-important-security-fix/", }, { trust: 1.7, url: "https://community.grafana.com/t/release-notes-v6-3-x/19202", }, { trust: 1.7, url: "https://github.com/grafana/grafana/releases", }, { trust: 1.7, url: "https://security.netapp.com/advisory/ntap-20191004-0004/", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html", }, { trust: 1.5, url: "https://nvd.nist.gov/vuln/detail/cve-2019-15043", }, { trust: 1.3, url: "https://access.redhat.com/security/cve/cve-2019-15043", }, { trust: 1.1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/rf5argyx3wyb7h2fdr7vawteq27ux3fu/", }, { trust: 1.1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/uo4nbl7pkw4osfrvzengc42ewejv2yah/", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15043", }, { trust: 0.6, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/uo4nbl7pkw4osfrvzengc42ewejv2yah/", }, { trust: 0.6, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/rf5argyx3wyb7h2fdr7vawteq27ux3fu/", }, { trust: 0.6, url: "https://www.suse.com/support/update/announcement/2019/suse-su-20192671-1.html", }, { trust: 0.6, url: "https://www.suse.com/support/update/announcement/2019/suse-su-20192867-1.html", }, { trust: 0.6, url: "https://www.suse.com/support/update/announcement/2019/suse-su-20192906-1.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.4048.2/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.1135", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.1298", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.4190/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/grafana-denial-of-service-via-http-api-30211", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1508/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2492/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3854/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1727.2/", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/157468/red-hat-security-advisory-2020-1659-01.html", }, { trust: 0.2, url: "https://access.redhat.com/errata/rhsa-2020:1659", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/306.html", }, { trust: 0.1, url: "https://github.com/h0ffayyy/cve-2019-15043", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://security.archlinux.org/cve-2019-15043", }, { trust: 0.1, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.1, url: "https://access.redhat.com/articles/11258", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index", }, { trust: 0.1, url: "https://bugzilla.redhat.com/):", }, { trust: 0.1, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.1, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.1, url: "https://access.redhat.com/security/team/contact/", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-30484", }, { db: "VULMON", id: "CVE-2019-15043", }, { db: "JVNDB", id: "JVNDB-2019-008892", }, { db: "PACKETSTORM", id: "157468", }, { db: "CNNVD", id: "CNNVD-201908-2274", }, { db: "NVD", id: "CVE-2019-15043", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2019-30484", }, { db: "VULMON", id: "CVE-2019-15043", }, { db: "JVNDB", id: "JVNDB-2019-008892", }, { db: "PACKETSTORM", id: "157468", }, { db: "CNNVD", id: "CNNVD-201908-2274", }, { db: "NVD", id: "CVE-2019-15043", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-05T00:00:00", db: "CNVD", id: "CNVD-2019-30484", }, { date: "2019-09-03T00:00:00", db: "VULMON", id: "CVE-2019-15043", }, { date: "2019-09-09T00:00:00", db: "JVNDB", id: "JVNDB-2019-008892", }, { date: "2020-04-28T20:40:11", db: "PACKETSTORM", id: "157468", }, { date: "2019-08-30T00:00:00", db: "CNNVD", id: "CNNVD-201908-2274", }, { date: "2019-09-03T12:15:10.933000", db: "NVD", id: "CVE-2019-15043", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-05T00:00:00", db: "CNVD", id: "CNVD-2019-30484", }, { date: "2023-11-07T00:00:00", db: "VULMON", id: "CVE-2019-15043", }, { date: "2019-09-09T00:00:00", db: "JVNDB", id: "JVNDB-2019-008892", }, { date: "2021-04-19T00:00:00", db: "CNNVD", id: "CNNVD-201908-2274", }, { date: "2024-11-21T04:27:56.410000", db: "NVD", id: "CVE-2019-15043", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201908-2274", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Grafana Access Control Error Vulnerability", sources: [ { db: "CNVD", id: "CNVD-2019-30484", }, { db: "CNNVD", id: "CNNVD-201908-2274", }, ], trust: 1.2, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "access control error", sources: [ { db: "CNNVD", id: "CNNVD-201908-2274", }, ], trust: 0.6, }, }