CVE-2018-15727
grafana: authentication bypass knowing only a username of an LDAP or OAuth user
- Severity Score: 9.8 (CVSS v3)
- Exploit Likelihood: - (EPSS)
- Affected Versions: see CPE table below
- Public Exploits: 2 (multiple sources)
- Exploited in Wild: - (KEV)
- Decision: - (SSVC)
Descriptions
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.
*Credits:
N/A
CVSS Scores
- CVSS v3 metrics (values not captured on this page): Attack Vector, Attack Complexity, Privileges Required, User Interaction, Scope, Confidentiality, Integrity, Availability
- CVSS v2 metrics (values not captured on this page): Attack Vector, Attack Complexity, Authentication, Confidentiality, Integrity, Availability
* Common Vulnerability Scoring System
SSVC
- Decision: -
- Factors (values not captured on this page): Exploitation, Automatable, Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-08-22 CVE Reserved
- 2018-08-29 CVE Published
- 2018-08-31 First Exploit
- 2024-08-05 CVE Updated
- 2024-08-08 EPSS Updated
- Exploited in Wild: not recorded
- KEV Due Date: not recorded
CWE
- CWE-287: Improper Authentication
CAPEC
References (8)
URL | Tag / Date | Source |
---|---|---|
http://www.securityfocus.com/bid/105184 | Third Party Advisory | |
https://github.com/u238/grafana-CVE-2018-15727 | 2018-08-31 | |
https://github.com/grimbelhax/CVE-2018-15727 | 2022-03-11 | |
https://grafana.com/blog/2018/08/29/grafana-5.2.3-and-4.6.4-released-with-important-security-fix | 2019-03-05 | |
https://access.redhat.com/errata/RHSA-2018:3829 | 2019-03-05 | |
https://access.redhat.com/errata/RHSA-2019:0019 | 2019-03-05 | |
https://access.redhat.com/security/cve/CVE-2018-15727 | 2019-01-03 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1624088 | 2019-01-03 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Grafana | Grafana | >= 2.0.0 <= 2.1.2 | - | Affected |
Grafana | Grafana | >= 3.0.0 <= 3.1.1 | - | Affected |
Grafana | Grafana | >= 4.0.0 < 4.6.4 | - | Affected |
Grafana | Grafana | >= 5.0.0 < 5.2.3 | - | Affected |
Redhat | Ceph Storage | 3.0 | - | Affected |