CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 1CVE-2022-21702 – Cross site scripting in Grafana proxy
https://notcve.org/view.php?id=CVE-2022-21702
Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin proxy and trick a user to visit this HTML page using a specially crafted link and execute a Cross-site Scripting (XSS) attack. The attacker could either compromise an existing datasource for a specific Grafana instance or either set up its own public service and instruct anyone to set it up in their Grafana instance. To be impacted, all of the following must be applicable. For the data source proxy: A Grafana HTTP-based datasource configured with Server as Access Mode and a URL set, the attacker has to be in control of the HTTP server serving the URL of above datasource, and a specially crafted link pointing at the attacker controlled data source must be clicked on by an authenticated user. • https://github.com/grafana/grafana/commit/27726868b3d7c613844b55cd209ca93645c99b85 https://github.com/grafana/grafana/security/advisories/GHSA-xc3p-28hw-q24g https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH https://lists.fedorapr • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-21673 – OAuth Identity Token exposure in Grafana
https://notcve.org/view.php?id=CVE-2022-21673
Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token (and no other user credentials) will forward the OAuth Identity of the most recently logged-in user. This can allow API token holders to retrieve data for which they may not have intended access. This attack relies on the Grafana instance having data sources that support the Forward OAuth Identity feature, the Grafana instance having a data source with the Forward OAuth Identity feature toggled on, the Grafana instance having OAuth enabled, and the Grafana instance having usable API keys. This issue has been patched in versions 7.5.13 and 8.3.4. • https://github.com/grafana/grafana/releases/tag/v7.5.13 https://github.com/grafana/grafana/releases/tag/v8.3.4 https://github.com/grafana/grafana/security/advisories/GHSA-8wjh-59cw-9xh4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/mess • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43815 – Grafana directory traversal for `.cvs` files
https://notcve.org/view.php?id=CVE-2021-43815
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. • http://www.openwall.com/lists/oss-security/2021/12/10/4 https://github.com/grafana/grafana/commit/d6ec6f8ad28f0212e584406730f939105ff6c6d3 https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d https://github.com/grafana/grafana/releases/tag/v8.3.2 https://github.com/grafana/grafana/security/advisories/GHSA-7533-c8qv-jm9m https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix https://security.netapp.com/advisory/ntap-2022010 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 1%CPEs: 2EXPL: 0CVE-2021-43813 – Directory Traversal in Grafana
https://notcve.org/view.php?id=CVE-2021-43813
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. • http://www.openwall.com/lists/oss-security/2021/12/10/4 https://github.com/github/securitylab-vulnerabilities/commit/689fc5d9fd665be4d5bba200a6a433b532172d0f https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d https://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2q https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-12 https://grafana& • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 97%CPEs: 7EXPL: 38CVE-2021-43798 – Grafana path traversal
https://notcve.org/view.php?id=CVE-2021-43798
Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. • https://github.com/jas502n/Grafana-CVE-2021-43798 https://www.exploit-db.com/exploits/50581 https://github.com/pedrohavay/exploit-grafana-CVE-2021-43798 https://github.com/Mr-xn/CVE-2021-43798 https://github.com/taythebot/CVE-2021-43798 https://github.com/zer0yu/CVE-2021-43798 https://github.com/ScorpionsMAX/CVE-2021-43798-Grafana-POC https://github.com/asaotomo/CVE-2021-43798-Grafana-Exp https://github.com/z3n70/CVE-2021-43798 https://github.com/M0ge/CVE-2021-43798&# • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •