CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-35957 – Authentication Bypass in Grafana via auth proxy allowing escalation from admin to server admin
https://notcve.org/view.php?id=CVE-2022-35957
20 Sep 2022 — Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authenticat... • https://github.com/grafana/grafana/security/advisories/GHSA-ff5c-938w-8c9q • CWE-288: Authentication Bypass Using an Alternate Path or Channel CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-31107 – Grafana account takeover via OAuth vulnerability
https://notcve.org/view.php?id=CVE-2022-31107
15 Jul 2022 — Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user's external user id is not already associated with an account in Grafana,... • https://github.com/grafana/grafana/security/advisories/GHSA-mx47-6497-3fv2 • CWE-287: Improper Authentication CWE-863: Incorrect Authorization •
CVSS: 8.7EPSS: 59%CPEs: 5EXPL: 0CVE-2022-31097 – Stored XSS in Grafana's Unified Alerting
https://notcve.org/view.php?id=CVE-2022-31097
15 Jul 2022 — Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.... • https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-29170 – Grafana Enterprise datasource network restrictions bypass via HTTP redirects
https://notcve.org/view.php?id=CVE-2022-29170
20 May 2022 — Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn’t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only ... • https://github.com/yijikeji/CVE-2022-29170 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •