VuXML ID | Description |
0859e6d5-0415-11ed-a53b-6c3be5272acd | Grafana -- OAuth Account Takeover
Grafana Labs reports:
It is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP to take over an existing Grafana account under some conditions.
Discovery 2022-06-27 Entry 2022-07-15
grafana
ge 5.3.0 lt 8.3.10
ge 8.4.0 lt 8.4.10
ge 8.5.0 lt 8.5.9
ge 9.0.0 lt 9.0.3
grafana7
ge 7.0
grafana8
ge 8.3.0 lt 8.3.10
ge 8.4.0 lt 8.4.10
ge 8.5.0 lt 8.5.9
grafana9
lt 9.0.3
CVE-2022-31107
https://github.com/grafana/grafana/security/advisories/GHSA-mx47-6497-3fv2
|
0a80f159-629b-11ed-9ca2-6c3be5272acd | Grafana -- Username enumeration
Grafana Labs reports:
When using the forgot password feature on the login page, a POST request is made
to the /api/user/password/sent-reset-email URL. When the username
or email does not exist, a JSON response contains a "user not found" message.
The CVSS score for this vulnerability is 5.3 Moderate.
Discovery 2022-10-24 Entry 2022-11-12
grafana
ge 8.0.0 lt 8.5.15
ge 9.0.0 lt 9.2.4
grafana8
ge 8.0.0 lt 8.5.15
grafana9
ge 9.0.0 lt 9.2.4
CVE-2022-39307
https://github.com/grafana/grafana/security/advisories/GHSA-3p62-42x7-gxg5
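The following is an added example, not Grafana's code, showing how to test a password-reset endpoint for the response-oracle behaviour described in this entry. `vulnerable_server` and `patched_server` are constructed stand-ins: the first returns a distinct "user not found" body for unknown logins, the second answers identically whether or not the login exists. Against a live instance `send` would be a real POST to `RESET_PATH`; the JSON field name `userOrEmail` is assumed and should be checked against your version.

```python
"""
Response-oracle check for a password-reset endpoint.

Added example, not Grafana's code. The two simulated servers are
constructed stand-ins for the pre-fix and post-fix behaviour.
"""
import json
from dataclasses import dataclass
from typing import Callable, Iterable, Tuple

RESET_PATH = "/api/user/password/sent-reset-email"


@dataclass(frozen=True)
class Response:
    status: int
    body: str


# Constructed user store for the simulated servers.
_KNOWN_LOGINS = {"admin", "alice@example.com"}


def reset_request_body(login: str) -> str:
    """JSON body for the reset form (field name assumed; verify for your version)."""
    return json.dumps({"userOrEmail": login})


def vulnerable_server(login: str) -> Response:
    """Pre-fix behaviour: the body reveals whether the login exists."""
    if login in _KNOWN_LOGINS:
        return Response(200, json.dumps({"message": "Email sent"}))
    return Response(200, json.dumps({"message": "user not found"}))


def patched_server(login: str) -> Response:
    """Fixed behaviour: identical answer regardless of whether the login exists."""
    return Response(200, json.dumps({"message": "Email sent"}))


def normalise(resp: Response) -> Tuple[int, str]:
    """Reduce a response to what a remote caller can compare: status plus a
    canonicalised body (key order and whitespace are noise, not signal)."""
    try:
        body = json.dumps(json.loads(resp.body), sort_keys=True)
    except ValueError:
        body = resp.body
    return (resp.status, body)


def is_enumeration_oracle(send: Callable[[str], Response],
                          known: Iterable[str],
                          unknown: Iterable[str]) -> bool:
    """True if the set of answers for existing logins differs from the set
    for non-existing ones, i.e. the endpoint leaks account existence."""
    known_sigs = {normalise(send(u)) for u in known}
    unknown_sigs = {normalise(send(u)) for u in unknown}
    return known_sigs != unknown_sigs


if __name__ == "__main__":
    known = ["admin", "alice@example.com"]
    unknown = ["nobody", "mallory@example.com"]
    for name, server in (("vulnerable", vulnerable_server), ("patched", patched_server)):
        print(f"{name}: enumeration oracle = {is_enumeration_oracle(server, known, unknown)}")
```

When run against a real deployment, compare timing as well as status and body: a fixed endpoint that still sends mail only for existing users can remain distinguishable by latency, which this body-only check does not cover.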
|
0c367e98-0415-11ed-a53b-6c3be5272acd | Grafana -- Stored XSS
Grafana Labs reports:
An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. (Note: Grafana Alerting is activated by default in Grafana 9.0.)
Discovery 2022-06-19 Entry 2022-07-15
grafana
ge 8.3.0 lt 8.3.10
ge 8.4.0 lt 8.4.10
ge 8.5.0 lt 8.5.9
ge 9.0.0 lt 9.0.3
ge 9.1.0 lt 9.2.7
grafana8
ge 8.3.0 lt 8.3.10
ge 8.4.0 lt 8.4.10
ge 8.5.0 lt 8.5.9
grafana9
lt 9.0.3
ge 9.1.0 lt 9.2.7
CVE-2022-31097
https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f
|
4e60d660-6298-11ed-9ca2-6c3be5272acd | Grafana -- Plugin signature bypass
Grafana Labs reports:
On July 4th, as a result of an internal security audit, we discovered
a bypass in the plugin signature verification that exploits a versioning flaw.
We believe that this vulnerability is rated at CVSS 6.1
(CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L).
Discovery 2022-07-04 Entry 2022-11-12
grafana
ge 7.0.0 lt 8.5.14
ge 9.0.0 lt 9.1.8
grafana7
ge 7.0.0
grafana8
ge 8.0.0 lt 8.5.14
grafana9
ge 9.0.0 lt 9.1.8
CVE-2022-31123
https://github.com/grafana/grafana/security/advisories/GHSA-rhxj-gh46-jvw8
|
6877e164-6296-11ed-9ca2-6c3be5272acd | Grafana -- Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins
Grafana Labs reports:
On September 7th, as a result of an internal security audit, we discovered
that Grafana could leak the authentication cookie of users to plugins. After
further analysis, the vulnerability impacts data source and plugin proxy
endpoints under certain conditions.
We believe that this vulnerability is rated at CVSS 6.8
(CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H)
Discovery 2022-09-07 Entry 2022-11-12
grafana
ge 5.0.0 lt 8.5.14
ge 9.0.0 lt 9.1.8
grafana7
ge 7.0.0
grafana8
ge 8.0.0 lt 8.5.14
grafana9
ge 9.0.0 lt 9.1.8
CVE-2022-39201
https://github.com/grafana/grafana/security/advisories/GHSA-x744-mm8v-vpgr
|
6eb6a442-629a-11ed-9ca2-6c3be5272acd | Grafana -- Privilege escalation
Grafana Labs reports:
Grafana admins can invite other members to the organization they are
an admin for. When admins add members to the organization, non-existing users
get an email invite; existing members are added directly to the organization.
When an invite link is sent, it allows users to sign up with whatever
username/email address the user chooses and become a member of the organization.
The CVSS score for this vulnerability is 6.4 Moderate.
Discovery 2022-10-24 Entry 2022-11-12
grafana
ge 8.0.0 lt 8.5.15
ge 9.0.0 lt 9.2.4
grafana8
ge 8.0.0 lt 8.5.15
grafana9
ge 9.0.0 lt 9.2.4
CVE-2022-39306
https://github.com/grafana/grafana/security/advisories/GHSA-2x6g-h2hg-rq84
|
6f6c9420-6297-11ed-9ca2-6c3be5272acd | Grafana -- Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins
Grafana Labs reports:
On June 26 a security researcher contacted Grafana Labs to disclose
a vulnerability in the GitLab data source plugin that could leak the API key
to GitLab. After further analysis, the vulnerability impacts data source
and plugin proxy endpoints with authentication tokens, but only under some conditions.
We believe that this vulnerability is rated at CVSS 4.9
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)
Discovery 2022-06-26 Entry 2022-11-12
grafana
ge 7.0.0 lt 8.5.14
ge 9.0.0 lt 9.1.8
grafana7
ge 7.0.0
grafana8
ge 8.0.0 lt 8.5.14
grafana9
ge 9.0.0 lt 9.1.8
CVE-2022-31130
https://github.com/grafana/grafana/security/advisories/GHSA-jv32-5578-pxjc
|
827b95ff-290e-11ed-a2e7-6c3be5272acd | Grafana -- Unauthorized file disclosure
Grafana Labs reports:
On July 21, an internal security review identified an unauthorized file disclosure vulnerability in the Grafana Image Renderer plugin when HTTP remote rendering is used. The Chromium browser embedded in the Grafana Image Renderer allows for "printing" of unauthorized files into a PNG file. This makes it possible for a malicious user to retrieve unauthorized files under some network conditions or via a fake data source (this applies if the user has admin permissions in Grafana).
Discovery 2022-07-21 Entry 2022-09-01
grafana
ge 5.2.0 lt 8.3.11
ge 8.4.0 lt 8.4.11
ge 8.5.0 lt 8.5.11
ge 9.0.0 lt 9.0.8
ge 9.1.0 lt 9.1.2
grafana7
ge 7.0
grafana8
ge 8.3.0 lt 8.3.11
ge 8.4.0 lt 8.4.11
ge 8.5.0 lt 8.5.11
grafana9
ge 9.0.0 lt 9.0.8
ge 9.1.0 lt 9.1.2
CVE-2022-31176
https://github.com/grafana/grafana-image-renderer/security/advisories/GHSA-2cfh-233g-m4c5
|
909a80ba-6294-11ed-9ca2-6c3be5272acd | Grafana -- Improper authentication
Grafana Labs reports:
On September 7, as a result of an internal security audit, we discovered
a security vulnerability in Grafana's basic authentication related to the usage
of username and email address.
In Grafana, a user's username and email address are unique fields, which
means no other user can have the same username or email address as another user.
In addition, a user can have an email address as a username, and the Grafana
login allows users to sign in with either username or email address. This
creates an unusual behavior, where user_1 can register with one email
address and user_2 can register their username as user_1's
email address. As a result, user_1 would be prevented from signing
in to Grafana, since user_1's password won't match with user_2's
email address.
The CVSS score for this vulnerability is 4.3 Moderate
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).
Discovery 2022-09-07 Entry 2022-11-12
grafana
ge 8.0.0 lt 8.5.14
ge 9.0.0 lt 9.1.8
grafana8
ge 8.0.0 lt 8.5.14
grafana9
ge 9.0.0 lt 9.1.8
CVE-2022-39229
https://github.com/grafana/grafana/security/advisories/GHSA-gj7m-853r-289r
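The following is an added example, not Grafana's code, that models the identifier collision described in this entry with a small in-memory user store. `WeakUserStore` enforces uniqueness per field only, so user_2 may register user_1's email address as a username; a login lookup that accepts either identifier then resolves user_1's email to user_2's record, and user_1's password no longer matches. `HardenedUserStore` rejects the cross-field collision at registration time. All users and identifiers are constructed.

```python
"""
Username/email collision in a login that accepts either identifier.

Added example, not Grafana's code. The stores and users are constructed
to reproduce the condition the advisory describes.
"""
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class User:
    id: int
    username: str
    email: str


class CollisionError(ValueError):
    """Raised when a registration would collide with an existing identifier."""


class WeakUserStore:
    """Per-field uniqueness only: usernames are unique, emails are unique,
    but nothing stops a username from equalling someone else's email."""

    def __init__(self) -> None:
        self._users: List[User] = []

    def register(self, username: str, email: str) -> User:
        username, email = username.lower(), email.lower()
        for u in self._users:
            if u.username == username or u.email == email:
                raise CollisionError("username or email already taken")
        user = User(len(self._users) + 1, username, email)
        self._users.append(user)
        return user

    def resolve_login(self, login: str) -> Optional[User]:
        """The login form accepts either identifier; username matches are
        tried first, which is what lets a planted username shadow an email."""
        login = login.lower()
        for u in self._users:
            if u.username == login:
                return u
        for u in self._users:
            if u.email == login:
                return u
        return None


class HardenedUserStore(WeakUserStore):
    """Also rejects a username equal to any existing email and an email equal
    to any existing username, so a login string maps to at most one user."""

    def register(self, username: str, email: str) -> User:
        username, email = username.lower(), email.lower()
        taken = {u.username for u in self._users} | {u.email for u in self._users}
        if username in taken or email in taken:
            raise CollisionError("identifier collides with an existing username or email")
        return super().register(username, email)


if __name__ == "__main__":
    weak = WeakUserStore()
    weak.register("user_1", "user1@example.com")
    weak.register("user1@example.com", "user2@example.com")   # accepted
    print("email login resolves to:", weak.resolve_login("user1@example.com"))

    hard = HardenedUserStore()
    hard.register("user_1", "user1@example.com")
    try:
        hard.register("user1@example.com", "user2@example.com")
    except CollisionError as exc:
        print("hardened store refused:", exc)
```

The hardened check belongs at registration, but an existing database may already hold such collisions; a migration that lists every username that equals another user's email is the companion step before switching the check on.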
|
95e6e6ca-3986-11ed-8e0c-6c3be5272acd | Grafana -- Privilege escalation
Grafana Labs reports:
On August 9 an internal security review identified a vulnerability
in Grafana which allows an escalation from Admin privileges
to Server Admin when Auth proxy authentication is used.
Auth proxy allows authenticating a user by only providing the username
(or email) in an X-WEBAUTH-USER HTTP header: the trust assumption
is that a front proxy will take care of authentication and that the Grafana server
is publicly reachable only through this front proxy.
Datasource proxy breaks this assumption:
- It is possible to configure a fake datasource pointing to a localhost Grafana install with an X-WEBAUTH-USER HTTP header containing the admin username.
- This fake datasource can be called publicly via this proxying feature.
The CVSS score for this vulnerability is 6.6 Moderate
(CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).
Discovery 2022-08-09 Entry 2022-09-21
grafana
ge 2.1.0 lt 8.5.13
ge 9.0.0 lt 9.0.9
ge 9.1.0 lt 9.1.6
grafana7
ge 7.0
grafana8
ge 8.0.0 lt 8.5.13
grafana9
ge 9.0.0 lt 9.0.9
ge 9.1.0 lt 9.1.6
CVE-2022-35957
https://github.com/grafana/grafana/security/advisories/GHSA-ff5c-938w-8c9q
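The following is an added example, not Grafana's code, covering the data-source proxy problems in three entries of this list: the cookie and token leaks to plugin destinations (CVE-2022-39201 and CVE-2022-31130) and the auth-proxy escalation above (CVE-2022-35957). The header name `X-WEBAUTH-USER` and the comma-separated IP/CIDR form of the whitelist follow Grafana's documented `[auth.proxy]` settings (`header_name`, `whitelist`); the functions, route of the check and sample headers are illustrative and constructed. `strip_forwarded_headers` is what a proxy endpoint should do before relaying a browser request to a data-source URL: drop the caller's Cookie and Authorization headers so the session or API token never reaches the destination, and refuse the identity header whether it arrives from the browser or from the data source's configured custom headers. `auth_proxy_user` is the server-side gate that believes the identity header only when the TCP peer is in the whitelist, so a request looping back from 127.0.0.1 through the data-source proxy is not trusted.

```python
"""
Two defences for data-source proxy endpoints.

Added example, not Grafana's code. Header name and whitelist syntax follow
Grafana's documented [auth.proxy] settings; the rest is illustrative.
"""
import ipaddress
from typing import Dict, List, Mapping, Optional, Union

AUTH_PROXY_HEADER = "X-WEBAUTH-USER"             # Grafana's default header_name
CREDENTIAL_HEADERS = frozenset({"cookie", "authorization"})

Network = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]


def strip_forwarded_headers(incoming: Mapping[str, str],
                            datasource_headers: Mapping[str, str],
                            auth_proxy_header: str = AUTH_PROXY_HEADER) -> Dict[str, str]:
    """Return the header set to send upstream.

    Incoming headers are copied minus credentials and the identity header;
    the data source's own configured headers are layered on top, except that
    configuring the identity header itself is rejected outright, since that
    configuration has no legitimate use and matches the escalation above.
    """
    blocked = set(CREDENTIAL_HEADERS) | {auth_proxy_header.lower()}
    out: Dict[str, str] = {}
    for name, value in incoming.items():
        if name.lower() not in blocked:
            out[name] = value
    for name, value in datasource_headers.items():
        if name.lower() == auth_proxy_header.lower():
            raise ValueError(f"data source may not set {auth_proxy_header}")
        out[name] = value
    return out


def parse_whitelist(spec: str) -> List[Network]:
    """Parse the comma-separated IP/CIDR list of `[auth.proxy] whitelist`."""
    nets: List[Network] = []
    for item in spec.split(","):
        item = item.strip()
        if item:
            nets.append(ipaddress.ip_network(item, strict=False))
    return nets


def peer_is_trusted(remote_addr: str, whitelist: List[Network]) -> bool:
    """An empty whitelist trusts every peer, which is the behaviour when the
    option is left unset; that is the weak configuration."""
    if not whitelist:
        return True
    ip = ipaddress.ip_address(remote_addr)
    return any(ip in net for net in whitelist)


def auth_proxy_user(remote_addr: str, headers: Mapping[str, str],
                    whitelist: List[Network],
                    header_name: str = AUTH_PROXY_HEADER) -> Optional[str]:
    """Return the asserted login only if this peer is allowed to assert one."""
    if not peer_is_trusted(remote_addr, whitelist):
        return None
    for name, value in headers.items():
        if name.lower() == header_name.lower():
            return value.strip() or None
    return None


if __name__ == "__main__":
    # Constructed browser request and data-source configuration.
    browser = {"Cookie": "grafana_session=...", "Accept": "application/json",
               "X-WEBAUTH-USER": "admin"}
    print(strip_forwarded_headers(browser, {"X-Api-Key": "ds-secret"}))
    wl = parse_whitelist("10.0.0.5, 192.168.0.0/24")   # the front proxy only
    print(auth_proxy_user("10.0.0.5", {"X-WEBAUTH-USER": "admin"}, wl))
    print(auth_proxy_user("127.0.0.1", {"X-WEBAUTH-USER": "admin"}, wl))
```

Upgrading to one of the fixed versions listed above remains the fix; setting `whitelist` to the front proxy's address is defence in depth that also limits any other way an attacker might reach the Grafana listener directly.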
|
db895ed0-6298-11ed-9ca2-6c3be5272acd | Grafana -- Privilege escalation
Grafana Labs reports:
An internal security audit identified a race condition in the Grafana codebase
which allowed an unauthenticated user to query an arbitrary endpoint in Grafana.
A race condition in the HTTP context creation could cause an HTTP request to be assigned
the authentication/authorization middlewares of another call. Under heavy load
it is possible that a call protected by a privileged middleware receives instead
the middleware of a public query. As a result, an unauthenticated user can
successfully query protected endpoints.
The CVSS score for this vulnerability is 9.8 Critical.
Discovery 2022-11-08 Entry 2022-11-12
grafana
ge 9.2.0 lt 9.2.4
grafana9
ge 9.2.0 lt 9.2.4
CVE-2022-39328
https://github.com/grafana/grafana/security/advisories/GHSA-vqc4-mpj8-jxch
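The following is an added example, not Grafana's code, showing the bug class behind this entry in miniature: per-request authentication state kept in a place shared between requests, so one request can run with the middleware chain that was built for another. The route table, the two dispatchers and the single fixed interleaving are constructed so the outcome is deterministic, where the real flaw only surfaced under load. `SharedStateDispatcher` stores "the current chain" on the server object; `RequestBoundDispatcher` attaches it to the request, which is the general remedy regardless of how the real code was structured.

```python
"""
Shared per-request state versus request-bound state, as a deterministic
two-request interleaving. Added example, not Grafana's code.
"""
from typing import Callable, Dict, List, Tuple

Middleware = Callable[[dict], None]
Handler = Callable[[dict], str]


def require_admin(req: dict) -> None:
    """Authorization middleware for privileged routes."""
    if req.get("user") != "admin":
        raise PermissionError("401 Unauthorized")


# Constructed route table: path -> (middleware chain, handler).
ROUTES: Dict[str, Tuple[List[Middleware], Handler]] = {
    "/login": ([], lambda req: "login page"),
    "/api/admin/settings": ([require_admin], lambda req: "secret settings"),
}


class SharedStateDispatcher:
    """Broken: the chain for 'the current request' lives on the dispatcher,
    so two requests in flight overwrite each other's context."""

    def __init__(self) -> None:
        self.current_chain: List[Middleware] = []

    def build_context(self, req: dict) -> None:
        # Step 1: decide which middlewares apply and stash them in shared state.
        self.current_chain = ROUTES[req["path"]][0]

    def run(self, req: dict) -> str:
        # Step 2: run whatever chain is current, then the handler.
        for mw in self.current_chain:
            mw(req)
        return ROUTES[req["path"]][1](req)


class RequestBoundDispatcher:
    """Fixed: the chain is attached to the request itself and travels with it."""

    def build_context(self, req: dict) -> None:
        req["chain"] = ROUTES[req["path"]][0]

    def run(self, req: dict) -> str:
        for mw in req["chain"]:
            mw(req)
        return ROUTES[req["path"]][1](req)


def interleave(dispatcher, public_req: dict, protected_req: dict) -> Tuple[str, str]:
    """One schedule a loaded server can hit: the protected request builds its
    context, the public request builds its own, then each runs its chain.
    Returns (public result, protected result)."""
    dispatcher.build_context(protected_req)
    dispatcher.build_context(public_req)
    public_result = dispatcher.run(public_req)
    try:
        protected_result = dispatcher.run(protected_req)
    except PermissionError as exc:
        protected_result = str(exc)
    return public_result, protected_result


def demo(dispatcher) -> Tuple[str, str]:
    """An unauthenticated caller hits a public and a protected endpoint."""
    public = {"path": "/login"}
    protected = {"path": "/api/admin/settings"}     # no "user": anonymous caller
    return interleave(dispatcher, public, protected)


if __name__ == "__main__":
    print("shared state: ", demo(SharedStateDispatcher()))
    print("request-bound:", demo(RequestBoundDispatcher()))
```

A single interleaving proves the point here; in a real service the same property is checked by hammering a protected endpoint and a public one concurrently and asserting that the protected one never returns 200 to an unauthenticated client.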
|