CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 1CVE-2022-21702 – Cross site scripting in Grafana proxy
https://notcve.org/view.php?id=CVE-2022-21702
08 Feb 2022 — Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin proxy and trick a user to visit this HTML page using a specially crafted link and execute a Cross-site Scripting (XSS) attack. The attacker could either compromise an existing datasource for a specific Grafana instance or either set up its own public service and instruct anyone to set it up in their Grafana instance. To be impacted, all of the f... • https://github.com/grafana/grafana/commit/27726868b3d7c613844b55cd209ca93645c99b85 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-21673 – OAuth Identity Token exposure in Grafana
https://notcve.org/view.php?id=CVE-2022-21673
18 Jan 2022 — Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token (and no other user credentials) will forward the OAuth Identity of the most recently logged-in user. This can allow API token holders to retrieve data for which they may not have intended access. This attack relies on the Grafana instance having data sources that support the Forward OAuth Identity fea... • https://github.com/grafana/grafana/releases/tag/v7.5.13 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43815 – Grafana directory traversal for `.cvs` files
https://notcve.org/view.php?id=CVE-2021-43815
10 Dec 2021 — Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. • http://www.openwall.com/lists/oss-security/2021/12/10/4 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 6%CPEs: 2EXPL: 0CVE-2021-43813 – Directory Traversal in Grafana
https://notcve.org/view.php?id=CVE-2021-43813
10 Dec 2021 — Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. • http://www.openwall.com/lists/oss-security/2021/12/10/4 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 94%CPEs: 7EXPL: 54CVE-2021-43798 – Grafana path traversal
https://notcve.org/view.php?id=CVE-2021-43798
07 Dec 2021 — Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. • https://packetstorm.news/files/id/181050 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-41244 – Cross organization admin control in Grafana
https://notcve.org/view.php?id=CVE-2021-41244
15 Nov 2021 — Grafana is an open-source platform for monitoring and observability. In affected versions when the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance admins are able to access users from other organizations. Grafana 8.0 introduced a mechanism which allowed users with the Organization Admin role to list, add, remove, and update users’ roles in other organizations in which they are not an admin. With fine-grained access control enabled, organiza... • http://www.openwall.com/lists/oss-security/2021/11/15/1 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere CWE-863: Incorrect Authorization •
CVSS: 6.9EPSS: 78%CPEs: 1EXPL: 0CVE-2021-41174 – XSS vulnerability allowing arbitrary JavaScript execution
https://notcve.org/view.php?id=CVE-2021-41174
03 Nov 2021 — Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for Ang... • https://github.com/grafana/grafana/commit/31b78d51c693d828720a5b285107a50e6024c912 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 94%CPEs: 4EXPL: 1CVE-2021-39226 – Grafana Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-39226
05 Oct 2021 — Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "public_mode" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path: /api/snapshots-delete/:deleteKey. Regardless of the... • http://www.openwall.com/lists/oss-security/2021/10/05/4 • CWE-287: Improper Authentication CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 7.5EPSS: 3%CPEs: 3EXPL: 0CVE-2021-28148
https://notcve.org/view.php?id=CVE-2021-28148
22 Mar 2021 — One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. This allows any unauthenticated user to send an unlimited number of requests to the endpoint, leading to a denial of service (DoS) attack against a Grafana Enterprise instance. Uno de los endpoints de la API HTTP de información de uso en Grafana Enterprise versiones 6.x anteriores a 6.7.6, versiones 7.x anteriores a 7.3.10 y versiones 7.4.x ... • https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 • CWE-306: Missing Authentication for Critical Function •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-28147
https://notcve.org/view.php?id=CVE-2021-28147
22 Mar 2021 — The team sync HTTP API in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service and having the EditorsCanAdmin feature enabled, this vulnerability allows any authenticated user to add external groups to any existing team. This can be used to grant a user team permissions that the user isn't supposed to have. La API HTTP de sincronización de equipo en Grafana Enterprise versiones 6.x ... • https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 •