CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43815 – Grafana directory traversal for `.cvs` files
https://notcve.org/view.php?id=CVE-2021-43815
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. • http://www.openwall.com/lists/oss-security/2021/12/10/4 https://github.com/grafana/grafana/commit/d6ec6f8ad28f0212e584406730f939105ff6c6d3 https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d https://github.com/grafana/grafana/releases/tag/v8.3.2 https://github.com/grafana/grafana/security/advisories/GHSA-7533-c8qv-jm9m https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix https://security.netapp.com/advisory/ntap-2022010 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 1%CPEs: 2EXPL: 0CVE-2021-43813 – Directory Traversal in Grafana
https://notcve.org/view.php?id=CVE-2021-43813
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. • http://www.openwall.com/lists/oss-security/2021/12/10/4 https://github.com/github/securitylab-vulnerabilities/commit/689fc5d9fd665be4d5bba200a6a433b532172d0f https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d https://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2q https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-12 https://grafana& • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 97%CPEs: 7EXPL: 38CVE-2021-43798 – Grafana path traversal
https://notcve.org/view.php?id=CVE-2021-43798
Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. • https://github.com/jas502n/Grafana-CVE-2021-43798 https://www.exploit-db.com/exploits/50581 https://github.com/pedrohavay/exploit-grafana-CVE-2021-43798 https://github.com/Mr-xn/CVE-2021-43798 https://github.com/taythebot/CVE-2021-43798 https://github.com/zer0yu/CVE-2021-43798 https://github.com/ScorpionsMAX/CVE-2021-43798-Grafana-POC https://github.com/asaotomo/CVE-2021-43798-Grafana-Exp https://github.com/z3n70/CVE-2021-43798 https://github.com/M0ge/CVE-2021-43798&# • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-41244 – Cross organization admin control in Grafana
https://notcve.org/view.php?id=CVE-2021-41244
Grafana is an open-source platform for monitoring and observability. In affected versions when the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance admins are able to access users from other organizations. Grafana 8.0 introduced a mechanism which allowed users with the Organization Admin role to list, add, remove, and update users’ roles in other organizations in which they are not an admin. With fine-grained access control enabled, organization admins can list, add, remove and update users' roles in another organization, where they do not have organization admin role. All installations between v8.0 and v8.2.3 that have fine-grained access control beta enabled and more than one organization should be upgraded as soon as possible. • http://www.openwall.com/lists/oss-security/2021/11/15/1 https://github.com/grafana/grafana/security/advisories/GHSA-mpwp-42x6-4wmx https://grafana.com/blog/2021/11/15/grafana-8.2.4-released-with-security-fixes https://security.netapp.com/advisory/ntap-20211223-0001 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere CWE-863: Incorrect Authorization •
CVSS: 6.9EPSS: 95%CPEs: 1EXPL: 0CVE-2021-41174 – XSS vulnerability allowing arbitrary JavaScript execution
https://notcve.org/view.php?id=CVE-2021-41174
Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions. AngularJS uses double curly braces for interpolation binding: {{ }} ex: {{constructor.constructor(‘alert(1)’)()}}. • https://github.com/grafana/grafana/commit/31b78d51c693d828720a5b285107a50e6024c912 https://github.com/grafana/grafana/commit/3cb5214fa45eb5a571fd70d6c6edf0d729983f82 https://github.com/grafana/grafana/commit/fb85ed691290d211a5baa44d9a641ab137f0de88 https://github.com/grafana/grafana/security/advisories/GHSA-3j9m-hcv9-rpj8 https://security.netapp.com/advisory/ntap-20211125-0003 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •