CVSS: 5.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-8118 – Grafana alerting wrong permission on datasource rule write endpoint
https://notcve.org/view.php?id=CVE-2024-8118
26 Sep 2024 — In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules. • https://grafana.com/security/security-advisories/cve-2024-8118 • CWE-653: Improper Isolation or Compartmentalization •
CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 0CVE-2024-1442 – User with permissions to create a data source can CRUD all data sources
https://notcve.org/view.php?id=CVE-2024-1442
07 Mar 2024 — A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *. Doing this will grant the user access to read, query, edit and delete all data sources within the organization. Un usuario con permisos para crear una fuente de datos puede usar Grafana API para crear una fuente de datos con UID configurado en *. Hacer esto le otorgará al usuario acceso para leer, consultar, editar y eliminar todas las fuentes de datos dentro de la organización. A flaw was foun... • https://grafana.com/security/security-advisories/cve-2024-1442 • CWE-269: Improper Privilege Management •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-6152
https://notcve.org/view.php?id=CVE-2023-6152
13 Feb 2024 — A user changing their email after signing up and verifying it can change it without verification in profile settings. The configuration option "verify_email_enabled" will only validate email only on sign up. Un usuario que cambia su correo electrónico después de registrarse y verificarlo puede cambiarlo sin verificación en la configuración del perfil. La opción de configuración "verify_email_enabled" solo validará el correo electrónico al registrarse. • https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f • CWE-863: Incorrect Authorization •
CVSS: 8.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-4822 – grafana: incorrect assessment of permissions across organizations
https://notcve.org/view.php?id=CVE-2023-4822
16 Oct 2023 — Grafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer, Organization Editor and Organization Admin roles in all organizations. It also allows an Organization Admin to assign or revoke any permissions that they have to any user globally. This means that any Organization Admin can elevate th... • https://grafana.com/security/security-advisories/cve-2023-4822 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2023-3128 – grafana: account takeover possible when using Azure AD OAuth
https://notcve.org/view.php?id=CVE-2023-3128
22 Jun 2023 — Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app. A flaw was found in Grafana, which validates Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique across Azure AD tenants, which enables Grafana account takeover and authentication bypass when Azure AD OAuth i... • https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp • CWE-290: Authentication Bypass by Spoofing CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 1CVE-2023-2183 – grafana: missing access control allows test alerts by underprivileged user
https://notcve.org/view.php?id=CVE-2023-2183
06 Jun 2023 — Grafana is an open-source platform for monitoring and observability. The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function. This might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server. Users may upgrade t... • https://github.com/grafana/bugbounty/security/advisories/GHSA-cvm3-pp2j-chr3 • CWE-284: Improper Access Control CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 2CVE-2023-34111 – Command Injection Vulnerability in `Release PR Merged` Workflow in taosdata/grafanaplugin
https://notcve.org/view.php?id=CVE-2023-34111
06 Jun 2023 — The `Release PR Merged` workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of `${{ github.event.pull_request.title }}` in a bash command within the GitHub workflow. Attackers can inject malicious commands which will be executed by the workflow. This happens because `${{ github.event.pull_request.title }}` is directly passed to bash command on like 25 of the wor... • https://github.com/taosdata/grafanaplugin/blob/master/.github/workflows/release-pr-merged.yaml#L25 • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-1387 – grafana: JWT token leak to data source
https://notcve.org/view.php?id=CVE-2023-1387
26 Apr 2023 — Grafana is an open-source platform for monitoring and observability. Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. By enabling the "url_login" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana. A flaw was found in Grafana. • https://github.com/grafana/bugbounty/security/advisories/GHSA-5585-m9r5-p86j • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 1CVE-2023-1410 – Stored XSS in Graphite FunctionDescription tooltip
https://notcve.org/view.php?id=CVE-2023-1410
23 Mar 2023 — Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. The stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized. An attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the descr... • https://github.com/grafana/bugbounty/security/advisories/GHSA-qrrg-gw7w-vp76 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22462 – Stored XSS in Grafana Text plugin
https://notcve.org/view.php?id=CVE-2023-22462
02 Mar 2023 — Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user interactions in order to be fully exploited. The vulnerability was possible due to React's render cycle that will pass though the unsanitized HTML code, but in the next cycle the HTML is cleaned up and saved in Grafana's database. An attacker n... • https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •