
    32 vulnerabilities found for Grafana Enterprise by Grafana

    CVE-2026-42127 (GCVE-0-2026-42127)

    Vulnerability from nvd – Published: 2026-06-22 16:31 – Updated: 2026-06-22 17:28
    Title
    Grafana pre-auth DoS through arbitrarily large input to public dashboard query handler
    Summary
    The public dashboard query endpoint does not limit request body size before processing, allowing unauthenticated attackers to trigger excessive memory allocation by sending arbitrarily large JSON payloads. This can lead to denial of service through memory exhaustion. No valid dashboard access token or authentication is required to exploit this vulnerability. Note that this record states its affected ranges with inclusive upper bounds (≤ 11.6.14, ≤ 12.2.8, ≤ 12.3.6, ≤ 12.4.3, ≤ 13.0.1), so the listed versions are themselves affected, and the record does not name the fixed releases — consult the linked Grafana security advisory for CVE-2026-42127 before deciding which build to deploy.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    References
    Impacted products
    Vendor Product Version
    Grafana Grafana Enterprise Affected: 0 , ≤ 11.6.14 (semver)
    Affected: 0 , ≤ 12.2.8 (semver)
    Affected: 0 , ≤ 12.3.6 (semver)
    Affected: 0 , ≤ 12.4.3 (semver)
    Affected: 0 , ≤ 13.0.1 (semver)
    Grafana Grafana OSS Affected: 11.6.0 , ≤ 11.6.14 (semver)
    Affected: 12.2.0 , ≤ 12.2.8 (semver)
    Affected: 12.3.0 , ≤ 12.3.6 (semver)
    Affected: 12.4.0 , ≤ 12.4.3 (semver)
    Affected: 13.0.0 , ≤ 13.0.1 (semver)
    Date Public
    2026-05-24 15:38
    Credits
    Charlie Lewis

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42127",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-22T17:28:16.184877Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-770",
                    "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-22T17:28:35.835Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThanOrEqual": "11.6.14",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.2.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.3.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.4.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "13.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Grafana OSS",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThanOrEqual": "11.6.14",
                  "status": "affected",
                  "version": "11.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.2.8",
                  "status": "affected",
                  "version": "12.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.3.6",
                  "status": "affected",
                  "version": "12.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.4.3",
                  "status": "affected",
                  "version": "12.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "13.0.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Charlie Lewis"
            }
          ],
          "datePublic": "2026-05-24T15:38:07.115Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The public dashboard query endpoint does not limit request body size before processing, allowing unauthenticated attackers to trigger excessive memory allocation by sending arbitrarily large JSON payloads. This can lead to denial of service through memory exhaustion. No valid dashboard access token or authentication is required to exploit this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T16:31:28.096Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://grafana.com/security/security-advisories/cve-2026-42127"
            }
          ],
          "source": {
            "discovery": "EXTERNAL_REPORT"
          },
          "title": "Grafana pre-auth DoS through arbitrarily large input to public dashboard query handler",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2026-42127",
        "datePublished": "2026-06-22T16:31:28.096Z",
        "dateReserved": "2026-04-24T15:38:08.066Z",
        "dateUpdated": "2026-06-22T17:28:35.835Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-27876 (GCVE-0-2026-27876)

    Vulnerability from nvd – Published: 2026-03-27 14:24 – Updated: 2026-06-30 12:05
    Title
    RCE on Grafana via sqlExpressions
    Summary
    A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to remote arbitrary code execution (RCE). Because the underlying feature is part of Grafana OSS, all users — not only Enterprise users — are advised to update to close this attack path. Only instances with the sqlExpressions feature toggle enabled are vulnerable, and the CVSS vector (PR:H) indicates that the attacker must already hold highly privileged access to the instance. Only instances in the following version ranges are affected: - 11.6.0 (inclusive) to 11.6.14 (exclusive): 11.6.14 has the fix. 11.5 and below are not affected. - 12.0.0 (inclusive) to 12.1.10 (exclusive): 12.1.10 has the fix. 12.0 did not receive an update, as it is end-of-life, so 12.0.x deployments must move to 12.1.10 or later. - 12.2.0 (inclusive) to 12.2.8 (exclusive): 12.2.8 has the fix. - 12.3.0 (inclusive) to 12.3.6 (exclusive): 12.3.6 has the fix. - 12.4.0 (inclusive) to 12.4.2 (exclusive): 12.4.2 has the fix. 13.0.0 and above also have the fix: no v13 release is affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 11.6.0 , < 11.6.14 (semver)
    Affected: 12.0.0 , < 12.1.10 (semver)
    Affected: 12.2.0 , < 12.2.8 (semver)
    Affected: 12.3.0 , < 12.3.6 (semver)
    Affected: 12.4.0 , < 12.4.2 (semver)
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Date Public
    2026-03-27 14:21

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-27876",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-27T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-28T03:55:48.690Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-03-27T14:24:36.771Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Grafana and the Grafana Enterprise plugin. A remote attacker could exploit a chained attack involving SQL Expressions and the Grafana Enterprise plugin to achieve remote arbitrary code execution. This vulnerability is present in instances where the `sqlExpressions` feature toggle is enabled, allowing an attacker to execute unauthorized commands on the system."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Critical"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.1,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "HIGH",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-89",
                    "description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:05:51.689Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-27876"
              },
              {
                "name": "RHBZ#2452277",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452277"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27876.json"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-27T15:02:27.980Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-03-27T14:24:36.771Z",
                "value": "Made public."
              }
            ],
            "title": "grafana: grafana-enterprise-plugin: Grafana: Remote arbitrary code execution via chained SQL Expressions and Enterprise plugin attack",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "11.6.14",
                  "status": "affected",
                  "version": "11.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "12.1.10",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "12.2.8",
                  "status": "affected",
                  "version": "12.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "12.3.6",
                  "status": "affected",
                  "version": "12.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "12.4.2",
                  "status": "affected",
                  "version": "12.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2026-03-27T14:21:53.858Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact (RCE). This is enabled by a feature in Grafana (OSS), so all users are always recommended to update to avoid future attack vectors going this path.\n\nOnly instances with the sqlExpressions feature toggle enabled are vulnerable.\n\nOnly instances in the following version ranges are affected:\n\n- 11.6.0 (inclusive) to 11.6.14 (exclusive): 11.6.14 has the fix. 11.5 and below are not affected.\n- 12.0.0 (inclusive) to 12.1.10 (exclusive): 12.1.10 has the fix. 12.0 did not receive an update, as it is end-of-life.\n- 12.2.0 (inclusive) to 12.2.8 (exclusive): 12.2.8 has the fix.\n- 12.3.0 (inclusive) to 12.3.6 (exclusive): 12.3.6 has the fix.\n- 12.4.0 (inclusive) to 12.4.2 (exclusive): 12.4.2 has the fix. 13.0.0 and above also have the fix: no v13 release is affected."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T16:31:34.172Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://grafana.com/security/security-advisories/cve-2026-27876"
            }
          ],
          "source": {
            "discovery": "BUG_BOUNTY"
          },
          "title": "RCE on Grafana via sqlExpressions",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2026-27876",
        "datePublished": "2026-03-27T14:24:36.771Z",
        "dateReserved": "2026-02-24T14:30:17.726Z",
        "dateUpdated": "2026-06-30T12:05:51.689Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-41115 (GCVE-0-2025-41115)

    Vulnerability from nvd – Published: 2025-11-21 14:25 – Updated: 2026-06-22 16:31
    Title
    Incorrect privilege assignment
    Summary
    SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. In Grafana 12.x versions where SCIM provisioning is enabled and configured (affected range per this record: 12.0.0 up to, but not including, 12.2.1), a vulnerability in user identity handling allows a malicious or compromised SCIM client to provision a user with a numeric externalId, which could in turn override internal user IDs and lead to impersonation or privilege escalation. Because the attack originates from the SCIM client, the credentials an identity provider uses to call Grafana's SCIM API are effectively highly privileged and should be protected accordingly. This vulnerability applies only if all of the following conditions are met: - `enableSCIM` feature flag set to true - `user_sync_enabled` config option in the `[auth.scim]` block set to true
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    References
    Impacted products
    Vendor Product Version
    Grafana Grafana Enterprise Affected: 12.0.0 , < 12.2.1 (semver)
    Date Public
    2025-11-21 08:12

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-41115",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-22T04:55:19.297964Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-266",
                    "description": "CWE-266 Incorrect Privilege Assignment",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T16:07:39.859Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "12.2.1",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2025-11-21T08:12:17.767Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "type": "text/markdown",
                  "value": "SCIM provisioning was\u00a0introduced\u00a0in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management.\n\nIn Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user identity handling allows a malicious or compromised SCIM client to provision a user with a numeric externalId, which in turn could allow to override internal user IDs and lead to impersonation or privilege escalation.\n\nThis vulnerability applies only if\u00a0all\u00a0of the following conditions are met:\n- `enableSCIM`\u00a0feature flag set to true\n- `user_sync_enabled`\u00a0config option in the\u00a0`[auth.scim]`\u00a0block set to true"
                }
              ],
              "value": "SCIM provisioning was\u00a0introduced\u00a0in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management.\n\nIn Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user identity handling allows a malicious or compromised SCIM client to provision a user with a numeric externalId, which in turn could allow to override internal user IDs and lead to impersonation or privilege escalation.\n\nThis vulnerability applies only if\u00a0all\u00a0of the following conditions are met:\n- `enableSCIM`\u00a0feature flag set to true\n- `user_sync_enabled`\u00a0config option in the\u00a0`[auth.scim]`\u00a0block set to true"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T16:31:06.676Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://grafana.com/security/security-advisories/cve-2025-41115"
            }
          ],
          "source": {
            "discovery": "INTERNAL_FINDING"
          },
          "title": "Incorrect privilege assignment",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2025-41115",
        "datePublished": "2025-11-21T14:25:38.945Z",
        "dateReserved": "2025-04-16T09:19:26.442Z",
        "dateUpdated": "2026-06-22T16:31:06.676Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-3454 (GCVE-0-2025-3454)

    Vulnerability from nvd – Published: 2025-06-02 10:34 – Updated: 2025-06-02 12:04
    Summary
    This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character to the URL path. Users with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources. The issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Prometheus-based datasources. Note that the fixed versions are expressed with semver build metadata (e.g. 11.6.0+security-01); because build metadata is ignored in semver precedence comparisons, automated version matching against these ranges may not distinguish a patched build from an unpatched one with the same base version — verify the exact installed build rather than relying on the base version number alone.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 11.6.0 , < 11.6.0+security-01 (semver)
    Affected: 11.5.0 , < 11.5.3+security-01 (semver)
    Affected: 11.4.0 , < 11.4.3+security-01 (semver)
    Affected: 11.3.0 , < 11.3.5+security-01 (semver)
    Affected: 11.2.0 , < 11.2.8+security-01 (semver)
    Affected: 10.4.0 , < 10.4.17+security-01 (semver)
    Grafana Grafana Enterprise Affected: 11.6.0 , < 11.6.0+security-01 (semver)
    Affected: 11.5.0 , < 11.5.3+security-01 (semver)
    Affected: 11.4.0 , < 11.4.3+security-01 (semver)
    Affected: 11.3.0 , < 11.3.5+security-01 (semver)
    Affected: 11.2.0 , < 11.2.8+security-01 (semver)
    Affected: 10.4.0 , < 10.4.17+security-01 (semver)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-3454",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-02T12:03:59.158063Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-02T12:04:24.348Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "11.6.0+security-01",
                  "status": "affected",
                  "version": "11.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.5.3+security-01",
                  "status": "affected",
                  "version": "11.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.4.3+security-01",
                  "status": "affected",
                  "version": "11.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.3.5+security-01",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.2.8+security-01",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.4.17+security-01",
                  "status": "affected",
                  "version": "10.4.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "11.6.0+security-01",
                  "status": "affected",
                  "version": "11.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.5.3+security-01",
                  "status": "affected",
                  "version": "11.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.4.3+security-01",
                  "status": "affected",
                  "version": "11.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.3.5+security-01",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.2.8+security-01",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.4.17+security-01",
                  "status": "affected",
                  "version": "10.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThis vulnerability in Grafana\u0027s datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path.\u003c/p\u003e\u003cp\u003eUsers with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources.\u003c/p\u003e\u003cp\u003eThe issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Prometheus-based datasources.\u003c/p\u003e"
                }
              ],
              "value": "This vulnerability in Grafana\u0027s datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path.\n\nUsers with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources.\n\nThe issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Prometheus-based datasources."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-129",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-129"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-02T10:34:09.254Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2025-3454/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2025-3454",
        "datePublished": "2025-06-02T10:34:09.254Z",
        "dateReserved": "2025-04-08T20:40:44.631Z",
        "dateUpdated": "2025-06-02T12:04:24.348Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-2703 (GCVE-0-2025-2703)

    Vulnerability from nvd – Published: 2025-04-23 11:36 – Updated: 2025-06-10 10:53
    Summary
    The built-in XY Chart plugin contains a DOM-based XSS vulnerability. A user with Editor permissions can modify such a panel so that it executes arbitrary JavaScript.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 11.6.0 , < 11.6.0+security-01 (semver)
    Affected: 11.5.0 , < 11.5.3+security-01 (semver)
    Affected: 11.4.0 , < 11.4.3+security-01 (semver)
    Affected: 11.3.0 , < 11.3.5+security-01 (semver)
    Affected: 11.2.0 , < 11.2.8+security-01 (semver)
    Grafana Grafana Enterprise Affected: 11.6.0 , < 11.6.0+security-01 (semver)
    Affected: 11.5.0 , < 11.5.3+security-01 (semver)
    Affected: 11.4.0 , < 11.4.3+security-01 (semver)
    Affected: 11.3.0 , < 11.3.5+security-01 (semver)
    Affected: 11.2.0 , < 11.2.8+security-01 (semver)
    Credits
    Paul Gerste (Sonar)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-2703",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T14:20:27.622977Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-23T14:20:51.418Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "11.6.0+security-01",
                  "status": "affected",
                  "version": "11.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.5.3+security-01",
                  "status": "affected",
                  "version": "11.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.4.3+security-01",
                  "status": "affected",
                  "version": "11.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.3.5+security-01",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.2.8+security-01",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "11.6.0+security-01",
                  "status": "affected",
                  "version": "11.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.5.3+security-01",
                  "status": "affected",
                  "version": "11.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.4.3+security-01",
                  "status": "affected",
                  "version": "11.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.3.5+security-01",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.2.8+security-01",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Paul Gerste (Sonar)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. \u003c/p\u003e\u003cp\u003eA user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript.\u003c/p\u003e"
                }
              ],
              "value": "The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. \n\nA user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-10T10:53:48.851Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2025-2703"
            },
            {
              "url": "https://www.sonarsource.com/blog/data-in-danger-detecting-xss-in-grafana-cve-2025-2703/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2025-2703",
        "datePublished": "2025-04-23T11:36:02.852Z",
        "dateReserved": "2025-03-24T07:33:46.939Z",
        "dateUpdated": "2025-06-10T10:53:48.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6322 (GCVE-0-2024-6322)

    Vulnerability from nvd – Published: 2024-08-20 17:52 – Updated: 2025-11-23 15:33
    Summary
    Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query access to the impacted datasource.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 11.1.0 , < 11.1.1 (semver)
    Affected: 11.1.2 , < 11.1.3 (semver)
    Grafana Grafana Enterprise Affected: 11.1.0 , < 11.1.1 (semver)
    Affected: 11.1.2 , < 11.1.3 (semver)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6322",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-21T13:25:17.993382Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-03T17:04:40.540Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "11.1.1",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.1.3",
                  "status": "affected",
                  "version": "11.1.2",
                  "versionType": "semver"
                }
              ]
            },
            {
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "11.1.1",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.1.3",
                  "status": "affected",
                  "version": "11.1.2",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query access to the impacted datasource."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "CWE-266",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-23T15:33:04.210Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2024-6322/"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2024-6322",
        "datePublished": "2024-08-20T17:52:06.232Z",
        "dateReserved": "2024-06-25T13:25:06.436Z",
        "dateUpdated": "2025-11-23T15:33:04.210Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-6152 (GCVE-0-2023-6152)

    Vulnerability from nvd – Published: 2024-02-13 21:38 – Updated: 2025-02-15 00:10
    Summary
    A user who changes their email address after signing up and verifying it can do so without verification in profile settings. The configuration option "verify_email_enabled" validates the email address only on sign-up.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 2.5.0 , < 9.5.16 (semver)
    Affected: 10.0.0 , < 10.0.11 (semver)
    Affected: 10.1.0 , < 10.1.7 (semver)
    Affected: 10.2.0 , < 10.2.4 (semver)
    Affected: 10.3.0 , < 10.3.3 (semver)
    Grafana Grafana Enterprise Affected: 2.5.0 , < 9.5.16 (semver)
    Affected: 10.0.0 , < 10.0.11 (semver)
    Affected: 10.1.0 , < 10.1.7 (semver)
    Affected: 10.2.0 , < 10.2.4 (semver)
    Affected: 10.3.0 , < 10.3.3 (semver)
    grafana grafana Affected: 2.5.0 , < 9.5.16 (custom)
    Affected: 10.0.0 , < 10.0.11 (custom)
    Affected: 10.10 , < 10.1.7 (custom)
    Affected: 10.2.0 , < 10.2.4 (custom)
    Affected: 10.3.0 , < 10.3.3 (custom)
        cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
    grafana grafana_enterprise Affected: 2.5.0 , < 9.5.16 (custom)
    Affected: 10.0.0 , < 10.0.11 (custom)
    Affected: 10.10 , < 10.1.7 (custom)
    Affected: 10.2.0 , < 10.2.4 (custom)
    Affected: 10.3.0 , < 10.3.3 (custom)
        cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-02-15T00:10:28.890Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-6152/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"
              },
              {
                "url": "https://security.netapp.com/advisory/ntap-20250214-0008/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "grafana",
                "vendor": "grafana",
                "versions": [
                  {
                    "lessThan": "9.5.16",
                    "status": "affected",
                    "version": "2.5.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.0.11",
                    "status": "affected",
                    "version": "10.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.1.7",
                    "status": "affected",
                    "version": "10.10",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.2.4",
                    "status": "affected",
                    "version": "10.2.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.3.3",
                    "status": "affected",
                    "version": "10.3.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "grafana_enterprise",
                "vendor": "grafana",
                "versions": [
                  {
                    "lessThan": "9.5.16",
                    "status": "affected",
                    "version": "2.5.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.0.11",
                    "status": "affected",
                    "version": "10.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.1.7",
                    "status": "affected",
                    "version": "10.10",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.2.4",
                    "status": "affected",
                    "version": "10.2.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.3.3",
                    "status": "affected",
                    "version": "10.3.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6152",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-22T15:42:45.786092Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-22T15:51:56.870Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.5.16",
                  "status": "affected",
                  "version": "2.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.0.11",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.1.7",
                  "status": "affected",
                  "version": "10.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.2.4",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.3.3",
                  "status": "affected",
                  "version": "10.3.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.5.16",
                  "status": "affected",
                  "version": "2.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.0.11",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.1.7",
                  "status": "affected",
                  "version": "10.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.2.4",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.3.3",
                  "status": "affected",
                  "version": "10.3.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eA user changing their email after signing up and verifying it can change it without verification in profile settings.\u003c/p\u003e\u003cp\u003eThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\u003c/p\u003e"
                }
              ],
              "value": "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-13T21:38:01.404Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-6152/"
            },
            {
              "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-6152",
        "datePublished": "2024-02-13T21:38:01.404Z",
        "dateReserved": "2023-11-15T12:44:28.824Z",
        "dateUpdated": "2025-02-15T00:10:28.890Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4399 (GCVE-0-2023-4399)

    Vulnerability from nvd – Published: 2023-10-17 07:09 – Updated: 2025-02-13 17:13
    Summary
    Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana so that the instance does not call specific hosts. However, the restriction can be bypassed by using punycode encoding of the characters in the request address.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Enterprise Affected: 10.1.0 , < 10.1.5 (semver)
    Affected: 10.0.0 , < 10.0.9 (semver)
    Affected: 9.5.0 , < 9.5.13 (semver)
    Affected: 9.4.0 , < 9.4.17 (semver)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:24:04.622Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-4399/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20231208-0003/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4399",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-03T14:41:54.324405Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-03T14:42:21.688Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "10.1.5",
                  "status": "affected",
                  "version": "10.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.0.9",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.13",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.4.17",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is an open-source platform for monitoring and observability. \u003c/p\u003e\u003cp\u003eIn Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn\u2019t call specific hosts.\u003c/p\u003e\u003cp\u003eHowever, the restriction can be bypassed using punycode encoding of the characters in the request address.\u003c/p\u003e"
                }
              ],
              "value": "Grafana is an open-source platform for monitoring and observability. \n\nIn Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn\u2019t call specific hosts.\n\nHowever, the restriction can be bypassed using punycode encoding of the characters in the request address."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-267",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-267"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-183",
                  "description": "CWE-183",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-08T19:06:21.275Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-4399/"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20231208-0003/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-4399",
        "datePublished": "2023-10-17T07:09:03.015Z",
        "dateReserved": "2023-08-17T10:06:35.187Z",
        "dateUpdated": "2025-02-13T17:13:32.745Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4822 (GCVE-0-2023-4822)

    Vulnerability from nvd – Published: 2023-10-16 08:45 – Updated: 2026-01-30 04:55
    Summary
    Grafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer, Organization Editor and Organization Admin roles in all organizations. It also allows an Organization Admin to assign or revoke any permissions that they have to any user globally. This means that any Organization Admin can elevate their own permissions in any organization that they are already a member of, or elevate or restrict the permissions of any other user. The vulnerability does not allow a user to become a member of an organization that they are not already a member of, or to add any other users to an organization that the current user is not a member of.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Enterprise Affected: 8.0.0 , < 9.4.16 (semver)
    Affected: 9.5.0 , < 9.5.11 (semver)
    Affected: 10.0.0 , < 10.0.7 (semver)
    Affected: 10.1.0 , < 10.1.3 (semver)
    grafana grafana_enterprise Affected: 8.0.0 , < 9.4.16 (semver)
    Affected: 9.5.0 , < 9.5.11 (semver)
    Affected: 10.0.0 , < 10.0.7 (semver)
    Affected: 10.1.0 , < 10.1.3 (semver)
        cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:38:00.740Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-4822"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20231103-0008/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "grafana_enterprise",
                "vendor": "grafana",
                "versions": [
                  {
                    "lessThan": "9.4.16",
                    "status": "affected",
                    "version": "8.0.0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "9.5.11",
                    "status": "affected",
                    "version": "9.5.0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "10.0.7",
                    "status": "affected",
                    "version": "10.0.0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "10.1.3",
                    "status": "affected",
                    "version": "10.1.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4822",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-29T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-30T04:55:38.864Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.4.16",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.11",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.0.7",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.1.3",
                  "status": "affected",
                  "version": "10.1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer, Organization Editor and Organization Admin roles in all organizations.\u003c/p\u003e\u003cp\u003eIt also allows an Organization Admin to assign or revoke any permissions that they have to any user globally.\u003c/p\u003e\u003cp\u003eThis means that any Organization Admin can elevate their own permissions in any organization that they are already a member of, or elevate or restrict the permissions of any other user.\u003c/p\u003e\u003cp\u003eThe vulnerability does not allow a user to become a member of an organization that they are not already a member of, or to add any other users to an organization that the current user is not a member of.\u003c/p\u003e"
                }
              ],
              "value": "Grafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer, Organization Editor and Organization Admin roles in all organizations.\n\nIt also allows an Organization Admin to assign or revoke any permissions that they have to any user globally.\n\nThis means that any Organization Admin can elevate their own permissions in any organization that they are already a member of, or elevate or restrict the permissions of any other user.\n\nThe vulnerability does not allow a user to become a member of an organization that they are not already a member of, or to add any other users to an organization that the current user is not a member of."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-04T05:07:07.679Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-4822"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20231103-0008/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-4822",
        "datePublished": "2023-10-16T08:45:59.756Z",
        "dateReserved": "2023-09-07T15:53:30.740Z",
        "dateUpdated": "2026-01-30T04:55:38.864Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-3128 (GCVE-0-2023-3128)

    Vulnerability from nvd – Published: 2023-06-22 20:14 – Updated: 2025-02-13 16:49
    Summary
    Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 9.5.0 , < 9.5.4 (semver)
    Affected: 9.4.0 , < 9.4.13 (semver)
    Affected: 9.3.0 , < 9.3.16 (semver)
    Affected: 9.2.0 , < 9.2.20 (semver)
    Affected: 6.7.0 , < 8.5.27 (semver)
    Grafana Grafana Enterprise Affected: 9.5.0 , < 9.5.4 (semver)
    Affected: 9.4.0 , < 9.4.13 (semver)
    Affected: 9.3.0 , < 9.3.16 (semver)
    Affected: 9.2.0 , < 9.2.20 (semver)
    Affected: 6.7.0 , < 8.5.27 (semver)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:48:07.347Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-3128/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20230714-0004/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3128",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-06T15:26:35.297129Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-06T15:26:43.437Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.5.4",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.4.13",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.16",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.20",
                  "status": "affected",
                  "version": "9.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "8.5.27",
                  "status": "affected",
                  "version": "6.7.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.5.4",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.4.13",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.16",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.20",
                  "status": "affected",
                  "version": "9.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "8.5.27",
                  "status": "affected",
                  "version": "6.7.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is validating Azure AD accounts based on the email claim. \u003c/p\u003e\u003cp\u003eOn Azure AD, the profile email field is not unique and can be easily modified. \u003c/p\u003e\u003cp\u003eThis leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app. \u003c/p\u003e"
                }
              ],
              "value": "Grafana is validating Azure AD accounts based on the email claim. \n\nOn Azure AD, the profile email field is not unique and can be easily modified. \n\nThis leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 9.4,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-290",
                  "description": "CWE-290",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-18T07:06:14.710Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-3128/"
            },
            {
              "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20230714-0004/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-3128",
        "datePublished": "2023-06-22T20:14:00.805Z",
        "dateReserved": "2023-06-06T15:02:55.259Z",
        "dateUpdated": "2025-02-13T16:49:48.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2801 (GCVE-0-2023-2801)

    Vulnerability from nvd – Published: 2023-06-06 18:03 – Updated: 2025-02-13 16:45
    Summary
    Grafana is an open-source platform for monitoring and observability. Using public dashboards, users can query multiple distinct data sources using mixed queries. However, such a query can crash a Grafana instance. The only feature that uses mixed queries at the moment is public dashboards, but it's also possible to trigger this by calling the query API directly. This might enable malicious users to crash Grafana instances through that endpoint. Users may upgrade to version 9.4.12 or 9.5.3 to receive a fix.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 9.4.0 , < 9.4.12 (semver)
    Affected: 9.5.0 , < 9.5.3 (semver)
    Grafana Grafana Enterprise Affected: 9.4.0 , < 9.4.12 (semver)
    Affected: 9.5.0 , < 9.5.3 (semver)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:33:05.564Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-2801/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20230706-0002/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2801",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-07T18:27:46.406382Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-07T18:27:59.835Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.4.12",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.3",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.4.12",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.3",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is an open-source platform for monitoring and observability. \u003c/p\u003e\u003cp\u003eUsing public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance.\u003c/p\u003e\u003cp\u003eThe only feature that uses mixed queries at the moment is public dashboards, but it\u0027s also possible to cause this by calling the query API directly.\u003c/p\u003e\u003cp\u003eThis might enable malicious users to crash Grafana instances through that endpoint.\u003c/p\u003e\u003cp\u003eUsers may upgrade to version 9.4.12 and 9.5.3 to receive a fix.\u003c/p\u003e"
                }
              ],
              "value": "Grafana is an open-source platform for monitoring and observability. \n\nUsing public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance.\n\nThe only feature that uses mixed queries at the moment is public dashboards, but it\u0027s also possible to cause this by calling the query API directly.\n\nThis might enable malicious users to crash Grafana instances through that endpoint.\n\nUsers may upgrade to version 9.4.12 and 9.5.3 to receive a fix."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-26",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-26"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-820",
                  "description": "CWE-820",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-06T18:06:29.011Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-2801/"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20230706-0002/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-2801",
        "datePublished": "2023-06-06T18:03:32.459Z",
        "dateReserved": "2023-05-18T16:22:13.573Z",
        "dateUpdated": "2025-02-13T16:45:38.503Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2183 (GCVE-0-2023-2183)

    Vulnerability from nvd – Published: 2023-06-06 18:04 – Updated: 2025-02-13 16:40
    Summary
    Grafana is an open-source platform for monitoring and observability. The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API, as the API does not check access to this function. This might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, preparing a phishing attack, or blocking the SMTP server. Users may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 or 8.5.26 to receive a fix.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 8.0.0 , < 8.5.26 (semver)
    Affected: 9.0.0 , < 9.2.19 (semver)
    Affected: 9.3.0 , < 9.3.15 (semver)
    Affected: 9.4.0 , < 9.4.12 (semver)
    Affected: 9.5.0 , < 9.5.3 (semver)
    Grafana Grafana Enterprise Affected: 8.0.0 , < 8.5.26 (semver)
    Affected: 9.0.0 , < 9.2.19 (semver)
    Affected: 9.3.0 , < 9.3.15 (semver)
    Affected: 9.4.0 , < 9.4.12 (semver)
    Affected: 9.5.0 , < 9.5.3 (semver)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:12:20.655Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-2183/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-cvm3-pp2j-chr3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20230706-0002/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2183",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-07T16:30:23.268015Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-07T16:30:50.109Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "8.5.26",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.19",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.15",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.4.12",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.3",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "8.5.26",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.19",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.15",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.4.12",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.3",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is an open-source platform for monitoring and observability. \u003c/p\u003e\u003cp\u003eThe option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function.\u003c/p\u003e\u003cp\u003eThis might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server.\u003c/p\u003e\u003cp\u003eUsers may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix.\u003c/p\u003e"
                }
              ],
              "value": "Grafana is an open-source platform for monitoring and observability. \n\nThe option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function.\n\nThis might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server.\n\nUsers may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-180",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-180"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-06T18:06:27.533Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-2183/"
            },
            {
              "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-cvm3-pp2j-chr3"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20230706-0002/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-2183",
        "datePublished": "2023-06-06T18:04:26.485Z",
        "dateReserved": "2023-04-19T12:11:08.488Z",
        "dateUpdated": "2025-02-13T16:40:15.277Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1387 (GCVE-0-2023-1387)

    Vulnerability from nvd – Published: 2023-04-26 13:47 – Updated: 2025-02-13 16:39
    Summary
    Grafana is an open-source platform for monitoring and observability. Starting with the 9.1 branch, Grafana introduced the ability to look for a JWT in the URL query parameter auth_token and use it as the authentication token. When the "url_login" configuration option is enabled (it is disabled by default), that JWT might be forwarded to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 9.1.0 , < 9.2.17 (semver)
    Affected: 9.3.0 , < 9.3.13 (semver)
    Affected: 9.4.0 , < 9.5.0 (semver)
    Grafana Grafana Enterprise Affected: 9.1.0 , < 9.2.17 (semver)
    Affected: 9.3.0 , < 9.3.13 (semver)
    Affected: 9.4.0 , < 9.5.0 (semver)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:49:11.313Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-1387/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-5585-m9r5-p86j"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20230609-0003/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1387",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-31T16:11:53.656123Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-31T16:12:05.145Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.2.17",
                  "status": "affected",
                  "version": "9.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.13",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.0",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.2.17",
                  "status": "affected",
                  "version": "9.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.13",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.0",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is an open-source platform for monitoring and observability. \u003c/p\u003e\u003cp\u003eStarting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. \u003c/p\u003e\u003cp\u003eBy enabling the \"url_login\" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.\u003c/p\u003e"
                }
              ],
              "value": "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. \n\nBy enabling the \"url_login\" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-116",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-116"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-09T07:06:35.623Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-1387/"
            },
            {
              "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-5585-m9r5-p86j"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20230609-0003/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-1387",
        "datePublished": "2023-04-26T13:47:16.914Z",
        "dateReserved": "2023-03-14T11:11:01.304Z",
        "dateUpdated": "2025-02-13T16:39:22.007Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1410 (GCVE-0-2023-1410)

    Vulnerability from nvd – Published: 2023-03-23 07:48 – Updated: 2025-03-04 21:22
    Title
    Stored XSS in Graphite FunctionDescription tooltip
    Summary
    Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. The stored XSS was possible because the value of the Function Description was not properly sanitized. An attacker needs to have control over the Graphite data source in order to manipulate a function description, a Grafana admin needs to configure that data source, and a Grafana user then needs to select the tampered function and hover over its description. Users may upgrade to version 8.5.22, 9.2.15 or 9.3.11 to receive a fix.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 8.0.0 , < 8.5.22 (semver)
    Affected: 9.0.0 , < 9.2.15 (semver)
    Affected: 9.3.0 , < 9.3.11 (semver)
    Grafana Grafana Enterprise Affected: 8.0.0 , < 8.5.22 (semver)
    Affected: 9.0.0 , < 9.2.15 (semver)
    Affected: 9.3.0 , < 9.3.11 (semver)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:49:11.621Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-1410/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-qrrg-gw7w-vp76"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20230420-0003/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1410",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-04T21:21:42.873495Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-04T21:22:03.229Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "8.5.22",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.15",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.11",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "8.5.22",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.15",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.11",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is an open-source platform for monitoring and observability.\u0026nbsp;\u003c/p\u003e\u003cp\u003eGrafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. \u003c/p\u003e\u003cp\u003eThe stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.\u003c/p\u003e\u003cp\u003eAn attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description.\u0026nbsp;\u003c/p\u003e\u003cp\u003e  Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix. \u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "Grafana is an open-source platform for monitoring and observability.\u00a0\n\nGrafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. \n\nThe stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.\n\nAn attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description.\u00a0\n\n  Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-592"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-20T08:06:33.364Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-1410/"
            },
            {
              "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-qrrg-gw7w-vp76"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20230420-0003/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Stored XSS in Graphite FunctionDescription tooltip",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-1410",
        "datePublished": "2023-03-23T07:48:56.246Z",
        "dateReserved": "2023-03-15T11:11:52.860Z",
        "dateUpdated": "2025-03-04T21:22:03.229Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-0594 (GCVE-0-2023-0594)

    Vulnerability from nvd – Published: 2023-03-01 15:36 – Updated: 2026-01-28 04:55
    Summary
    Grafana is an open-source platform for monitoring and observability. Starting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. The stored XSS was possible because the values of a span's attributes/resources were not properly sanitized, and they are rendered when the span's attributes/resources are expanded. An attacker needs to have the Editor role in order to change the value shown in a trace view visualization to contain JavaScript. This means that vertical privilege escalation is possible: a user with the Editor role could change the password of a user with the Admin role to a known value if the Admin user executes the malicious JavaScript while viewing a dashboard. Users may upgrade to version 8.5.21, 9.2.13 or 9.3.8 to receive a fix.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 7.0.0 , < 8.5.21 (semver)
    Affected: 9.0.0 , < 9.2.13 (semver)
    Affected: 9.3.0 , < 9.3.8 (semver)
    Grafana Grafana Enterprise Affected: 7.0.0 , < 8.5.21 (semver)
    Affected: 9.0.0 , < 9.2.13 (semver)
    Affected: 9.3.0 , < 9.3.8 (semver)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:17:50.130Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20230331-0007/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-0594/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-0594",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-27T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-28T04:55:36.581Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "8.5.21",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.13",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.8",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "8.5.21",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.13",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.8",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is an open-source platform for monitoring and observability. \u003c/p\u003e\u003cp\u003eStarting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. \u003c/p\u003e\u003cp\u003eThe stored XSS vulnerability was possible due the value of a span\u0027s attributes/resources were not properly sanitized and this will be rendered when the span\u0027s attributes/resources are expanded.\u003c/p\u003e\u003cp\u003eAn attacker needs to have the Editor role in order to change the value of a trace view visualization to contain JavaScript. \u003c/p\u003e\u003cp\u003eThis means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \u003c/p\u003e\u003cp\u003eUsers may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix. \u003c/p\u003e"
                }
              ],
              "value": "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. \n\nThe stored XSS vulnerability was possible due the value of a span\u0027s attributes/resources were not properly sanitized and this will be rendered when the span\u0027s attributes/resources are expanded.\n\nAn attacker needs to have the Editor role in order to change the value of a trace view visualization to contain JavaScript. \n\nThis means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \n\nUsers may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix. \n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-592"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-04T10:15:49.096Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-0594/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-0594",
        "datePublished": "2023-03-01T15:36:43.881Z",
        "dateReserved": "2023-01-31T10:37:31.334Z",
        "dateUpdated": "2026-01-28T04:55:36.581Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-0507 (GCVE-0-2023-0507)

    Vulnerability from nvd – Published: 2023-03-01 15:35 – Updated: 2026-01-28 04:55
    Summary
    Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because map attributions weren't properly sanitized, which allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. An attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript. This means that vertical privilege escalation is possible: a user with the Editor role can change the password of a user with the Admin role to a known value if the Admin user executes the malicious JavaScript while viewing a dashboard. Users may upgrade to version 8.5.21, 9.2.13 or 9.3.8 to receive a fix.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 8.1.0 , < 8.5.21 (semver)
    Affected: 9.0.0 , < 9.2.13 (semver)
    Affected: 9.3.0 , < 9.3.8 (semver)
    Grafana Grafana Enterprise Affected: 8.1.0 , < 8.5.21 (semver)
    Affected: 9.0.0 , < 9.2.13 (semver)
    Affected: 9.3.0 , < 9.3.8 (semver)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:17:49.040Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-0507/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20230413-0001/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-0507",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-27T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-28T04:55:39.324Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "8.5.21",
                  "status": "affected",
                  "version": "8.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.13",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.8",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "8.5.21",
                  "status": "affected",
                  "version": "8.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.13",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.8",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is an open-source platform for monitoring and observability. \u003c/p\u003e\u003cp\u003eStarting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. \u003c/p\u003e\u003cp\u003eThe stored XSS vulnerability was possible due to map attributions weren\u0027t properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. \u003c/p\u003e\u003cp\u003eAn attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript. \u003c/p\u003e\u003cp\u003eThis means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \u003c/p\u003e\u003cp\u003eUsers may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix. \u003c/p\u003e"
                }
              ],
              "value": "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. \n\nThe stored XSS vulnerability was possible due to map attributions weren\u0027t properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. \n\nAn attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript. \n\nThis means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \n\nUsers may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-592"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-13T16:06:25.719Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-0507/"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20230413-0001/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-0507",
        "datePublished": "2023-03-01T15:35:55.259Z",
        "dateReserved": "2023-01-25T15:05:48.661Z",
        "dateUpdated": "2026-01-28T04:55:39.324Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-42127 (GCVE-0-2026-42127)

    Vulnerability from cvelistv5 – Published: 2026-06-22 16:31 – Updated: 2026-06-22 17:28
    Title
    Grafana pre-auth DoS through arbitrarily large input to public dashboard query handler
    Summary
    The public dashboard query endpoint does not limit request body size before processing, allowing unauthenticated attackers to trigger excessive memory allocation by sending arbitrarily large JSON payloads. This can lead to denial of service through memory exhaustion. No valid dashboard access token or authentication is required to exploit this vulnerability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    References
    Impacted products
    Vendor Product Version
    Grafana Grafana Enterprise Affected: 0 , ≤ 11.6.14 (semver)
    Affected: 0 , ≤ 12.2.8 (semver)
    Affected: 0 , ≤ 12.3.6 (semver)
    Affected: 0 , ≤ 12.4.3 (semver)
    Affected: 0 , ≤ 13.0.1 (semver)
    Grafana Grafana OSS Affected: 11.6.0 , ≤ 11.6.14 (semver)
    Affected: 12.2.0 , ≤ 12.2.8 (semver)
    Affected: 12.3.0 , ≤ 12.3.6 (semver)
    Affected: 12.4.0 , ≤ 12.4.3 (semver)
    Affected: 13.0.0 , ≤ 13.0.1 (semver)
    Date Public
    2026-05-24 15:38
    Credits
    Charlie Lewis

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42127",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-22T17:28:16.184877Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-770",
                    "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-22T17:28:35.835Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThanOrEqual": "11.6.14",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.2.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.3.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.4.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "13.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Grafana OSS",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThanOrEqual": "11.6.14",
                  "status": "affected",
                  "version": "11.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.2.8",
                  "status": "affected",
                  "version": "12.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.3.6",
                  "status": "affected",
                  "version": "12.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.4.3",
                  "status": "affected",
                  "version": "12.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "13.0.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Charlie Lewis"
            }
          ],
          "datePublic": "2026-05-24T15:38:07.115Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The public dashboard query endpoint does not limit request body size before processing, allowing unauthenticated attackers to trigger excessive memory allocation by sending arbitrarily large JSON payloads. This can lead to denial of service through memory exhaustion. No valid dashboard access token or authentication is required to exploit this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T16:31:28.096Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://grafana.com/security/security-advisories/cve-2026-42127"
            }
          ],
          "source": {
            "discovery": "EXTERNAL_REPORT"
          },
          "title": "Grafana pre-auth DoS through arbitrarily large input to public dashboard query handler",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2026-42127",
        "datePublished": "2026-06-22T16:31:28.096Z",
        "dateReserved": "2026-04-24T15:38:08.066Z",
        "dateUpdated": "2026-06-22T17:28:35.835Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-27876 (GCVE-0-2026-27876)

    Vulnerability from cvelistv5 – Published: 2026-03-27 14:24 – Updated: 2026-06-30 12:05
    Title
    RCE on Grafana via sqlExpressions
    Summary
    A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact (RCE). This is enabled by a feature in Grafana (OSS), so all users are recommended to update to avoid future attack vectors taking this path. Only instances with the sqlExpressions feature toggle enabled are vulnerable. Only instances in the following version ranges are affected: - 11.6.0 (inclusive) to 11.6.14 (exclusive): 11.6.14 has the fix. 11.5 and below are not affected. - 12.0.0 (inclusive) to 12.1.10 (exclusive): 12.1.10 has the fix. 12.0 did not receive an update, as it is end-of-life. - 12.2.0 (inclusive) to 12.2.8 (exclusive): 12.2.8 has the fix. - 12.3.0 (inclusive) to 12.3.6 (exclusive): 12.3.6 has the fix. - 12.4.0 (inclusive) to 12.4.2 (exclusive): 12.4.2 has the fix. 13.0.0 and above also have the fix: no v13 release is affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 11.6.0 , < 11.6.14 (semver)
    Affected: 12.0.0 , < 12.1.10 (semver)
    Affected: 12.2.0 , < 12.2.8 (semver)
    Affected: 12.3.0 , < 12.3.6 (semver)
    Affected: 12.4.0 , < 12.4.2 (semver)
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Date Public
    2026-03-27 14:21

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-27876",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-27T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-28T03:55:48.690Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-03-27T14:24:36.771Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Grafana and the Grafana Enterprise plugin. A remote attacker could exploit a chained attack involving SQL Expressions and the Grafana Enterprise plugin to achieve remote arbitrary code execution. This vulnerability is present in instances where the `sqlExpressions` feature toggle is enabled, allowing an attacker to execute unauthorized commands on the system."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Critical"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.1,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "HIGH",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-89",
                    "description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:05:51.689Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-27876"
              },
              {
                "name": "RHBZ#2452277",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452277"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27876.json"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-27T15:02:27.980Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-03-27T14:24:36.771Z",
                "value": "Made public."
              }
            ],
            "title": "grafana: grafana-enterprise-plugin: Grafana: Remote arbitrary code execution via chained SQL Expressions and Enterprise plugin attack",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "11.6.14",
                  "status": "affected",
                  "version": "11.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "12.1.10",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "12.2.8",
                  "status": "affected",
                  "version": "12.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "12.3.6",
                  "status": "affected",
                  "version": "12.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "12.4.2",
                  "status": "affected",
                  "version": "12.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2026-03-27T14:21:53.858Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact (RCE). This is enabled by a feature in Grafana (OSS), so all users are always recommended to update to avoid future attack vectors going this path.\n\nOnly instances with the sqlExpressions feature toggle enabled are vulnerable.\n\nOnly instances in the following version ranges are affected:\n\n- 11.6.0 (inclusive) to 11.6.14 (exclusive): 11.6.14 has the fix. 11.5 and below are not affected.\n- 12.0.0 (inclusive) to 12.1.10 (exclusive): 12.1.10 has the fix. 12.0 did not receive an update, as it is end-of-life.\n- 12.2.0 (inclusive) to 12.2.8 (exclusive): 12.2.8 has the fix.\n- 12.3.0 (inclusive) to 12.3.6 (exclusive): 12.3.6 has the fix.\n- 12.4.0 (inclusive) to 12.4.2 (exclusive): 12.4.2 has the fix. 13.0.0 and above also have the fix: no v13 release is affected."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T16:31:34.172Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://grafana.com/security/security-advisories/cve-2026-27876"
            }
          ],
          "source": {
            "discovery": "BUG_BOUNTY"
          },
          "title": "RCE on Grafana via sqlExpressions",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2026-27876",
        "datePublished": "2026-03-27T14:24:36.771Z",
        "dateReserved": "2026-02-24T14:30:17.726Z",
        "dateUpdated": "2026-06-30T12:05:51.689Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-41115 (GCVE-0-2025-41115)

    Vulnerability from cvelistv5 – Published: 2025-11-21 14:25 – Updated: 2026-06-22 16:31
    Title
    Incorrect privilege assignment
    Summary
    SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. In Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user identity handling allows a malicious or compromised SCIM client to provision a user with a numeric externalId, which in turn could allow overriding internal user IDs and lead to impersonation or privilege escalation. This vulnerability applies only if all of the following conditions are met: - `enableSCIM` feature flag set to true - `user_sync_enabled` config option in the `[auth.scim]` block set to true
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    References
    Impacted products
    Vendor Product Version
    Grafana Grafana Enterprise Affected: 12.0.0 , < 12.2.1 (semver)
    Date Public
    2025-11-21 08:12

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-41115",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-22T04:55:19.297964Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-266",
                    "description": "CWE-266 Incorrect Privilege Assignment",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T16:07:39.859Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "12.2.1",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2025-11-21T08:12:17.767Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "type": "text/markdown",
                  "value": "SCIM provisioning was\u00a0introduced\u00a0in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management.\n\nIn Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user identity handling allows a malicious or compromised SCIM client to provision a user with a numeric externalId, which in turn could allow to override internal user IDs and lead to impersonation or privilege escalation.\n\nThis vulnerability applies only if\u00a0all\u00a0of the following conditions are met:\n- `enableSCIM`\u00a0feature flag set to true\n- `user_sync_enabled`\u00a0config option in the\u00a0`[auth.scim]`\u00a0block set to true"
                }
              ],
              "value": "SCIM provisioning was\u00a0introduced\u00a0in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management.\n\nIn Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user identity handling allows a malicious or compromised SCIM client to provision a user with a numeric externalId, which in turn could allow to override internal user IDs and lead to impersonation or privilege escalation.\n\nThis vulnerability applies only if\u00a0all\u00a0of the following conditions are met:\n- `enableSCIM`\u00a0feature flag set to true\n- `user_sync_enabled`\u00a0config option in the\u00a0`[auth.scim]`\u00a0block set to true"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T16:31:06.676Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://grafana.com/security/security-advisories/cve-2025-41115"
            }
          ],
          "source": {
            "discovery": "INTERNAL_FINDING"
          },
          "title": "Incorrect privilege assignment",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2025-41115",
        "datePublished": "2025-11-21T14:25:38.945Z",
        "dateReserved": "2025-04-16T09:19:26.442Z",
        "dateUpdated": "2026-06-22T16:31:06.676Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-3454 (GCVE-0-2025-3454)

    Vulnerability from cvelistv5 – Published: 2025-06-02 10:34 – Updated: 2025-06-02 12:04
    Summary
    This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources. The issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Prometheus-based datasources.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 11.6.0 , < 11.6.0+security-01 (semver)
    Affected: 11.5.0 , < 11.5.3+security-01 (semver)
    Affected: 11.4.0 , < 11.4.3+security-01 (semver)
    Affected: 11.3.0 , < 11.3.5+security-01 (semver)
    Affected: 11.2.0 , < 11.2.8+security-01 (semver)
    Affected: 10.4.0 , < 10.4.17+security-01 (semver)
    Grafana Grafana Enterprise Affected: 11.6.0 , < 11.6.0+security-01 (semver)
    Affected: 11.5.0 , < 11.5.3+security-01 (semver)
    Affected: 11.4.0 , < 11.4.3+security-01 (semver)
    Affected: 11.3.0 , < 11.3.5+security-01 (semver)
    Affected: 11.2.0 , < 11.2.8+security-01 (semver)
    Affected: 10.4.0 , < 10.4.17+security-01 (semver)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-3454",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-02T12:03:59.158063Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-02T12:04:24.348Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "11.6.0+security-01",
                  "status": "affected",
                  "version": "11.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.5.3+security-01",
                  "status": "affected",
                  "version": "11.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.4.3+security-01",
                  "status": "affected",
                  "version": "11.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.3.5+security-01",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.2.8+security-01",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.4.17+security-01",
                  "status": "affected",
                  "version": "10.4.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "11.6.0+security-01",
                  "status": "affected",
                  "version": "11.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.5.3+security-01",
                  "status": "affected",
                  "version": "11.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.4.3+security-01",
                  "status": "affected",
                  "version": "11.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.3.5+security-01",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.2.8+security-01",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.4.17+security-01",
                  "status": "affected",
                  "version": "10.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThis vulnerability in Grafana\u0027s datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path.\u003c/p\u003e\u003cp\u003eUsers with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources.\u003c/p\u003e\u003cp\u003eThe issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Prometheus-based datasources.\u003c/p\u003e"
                }
              ],
              "value": "This vulnerability in Grafana\u0027s datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path.\n\nUsers with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources.\n\nThe issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Prometheus-based datasources."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-129",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-129"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-02T10:34:09.254Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2025-3454/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2025-3454",
        "datePublished": "2025-06-02T10:34:09.254Z",
        "dateReserved": "2025-04-08T20:40:44.631Z",
        "dateUpdated": "2025-06-02T12:04:24.348Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-2703 (GCVE-0-2025-2703)

    Vulnerability from cvelistv5 – Published: 2025-04-23 11:36 – Updated: 2025-06-10 10:53
    Summary
    The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 11.6.0 , < 11.6.0+security-01 (semver)
    Affected: 11.5.0 , < 11.5.3+security-01 (semver)
    Affected: 11.4.0 , < 11.4.3+security-01 (semver)
    Affected: 11.3.0 , < 11.3.5+security-01 (semver)
    Affected: 11.2.0 , < 11.2.8+security-01 (semver)
    Grafana Grafana Enterprise Affected: 11.6.0 , < 11.6.0+security-01 (semver)
    Affected: 11.5.0 , < 11.5.3+security-01 (semver)
    Affected: 11.4.0 , < 11.4.3+security-01 (semver)
    Affected: 11.3.0 , < 11.3.5+security-01 (semver)
    Affected: 11.2.0 , < 11.2.8+security-01 (semver)
    Credits
    Paul Gerste (Sonar)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-2703",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T14:20:27.622977Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-23T14:20:51.418Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "11.6.0+security-01",
                  "status": "affected",
                  "version": "11.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.5.3+security-01",
                  "status": "affected",
                  "version": "11.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.4.3+security-01",
                  "status": "affected",
                  "version": "11.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.3.5+security-01",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.2.8+security-01",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "11.6.0+security-01",
                  "status": "affected",
                  "version": "11.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.5.3+security-01",
                  "status": "affected",
                  "version": "11.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.4.3+security-01",
                  "status": "affected",
                  "version": "11.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.3.5+security-01",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.2.8+security-01",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Paul Gerste (Sonar)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. \u003c/p\u003e\u003cp\u003eA user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript.\u003c/p\u003e"
                }
              ],
              "value": "The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. \n\nA user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-10T10:53:48.851Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2025-2703"
            },
            {
              "url": "https://www.sonarsource.com/blog/data-in-danger-detecting-xss-in-grafana-cve-2025-2703/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2025-2703",
        "datePublished": "2025-04-23T11:36:02.852Z",
        "dateReserved": "2025-03-24T07:33:46.939Z",
        "dateUpdated": "2025-06-10T10:53:48.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6322 (GCVE-0-2024-6322)

    Vulnerability from cvelistv5 – Published: 2024-08-20 17:52 – Updated: 2025-11-23 15:33
    Summary
    Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query access to the impacted datasource.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 11.1.0 , < 11.1.1 (semver)
    Affected: 11.1.2 , < 11.1.3 (semver)
    Grafana Grafana Enterprise Affected: 11.1.0 , < 11.1.1 (semver)
    Affected: 11.1.2 , < 11.1.3 (semver)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6322",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-21T13:25:17.993382Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-03T17:04:40.540Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "11.1.1",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.1.3",
                  "status": "affected",
                  "version": "11.1.2",
                  "versionType": "semver"
                }
              ]
            },
            {
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "11.1.1",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.1.3",
                  "status": "affected",
                  "version": "11.1.2",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query access to the impacted datasource."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "CWE-266",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-23T15:33:04.210Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2024-6322/"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2024-6322",
        "datePublished": "2024-08-20T17:52:06.232Z",
        "dateReserved": "2024-06-25T13:25:06.436Z",
        "dateUpdated": "2025-11-23T15:33:04.210Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-6152 (GCVE-0-2023-6152)

    Vulnerability from cvelistv5 – Published: 2024-02-13 21:38 – Updated: 2025-02-15 00:10
    Summary
    A user who changes their email after signing up and verifying it can do so without verification in profile settings. The configuration option "verify_email_enabled" validates the email only on sign up.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 2.5.0 , < 9.5.16 (semver)
    Affected: 10.0.0 , < 10.0.11 (semver)
    Affected: 10.1.0 , < 10.1.7 (semver)
    Affected: 10.2.0 , < 10.2.4 (semver)
    Affected: 10.3.0 , < 10.3.3 (semver)
    Grafana Grafana Enterprise Affected: 2.5.0 , < 9.5.16 (semver)
    Affected: 10.0.0 , < 10.0.11 (semver)
    Affected: 10.1.0 , < 10.1.7 (semver)
    Affected: 10.2.0 , < 10.2.4 (semver)
    Affected: 10.3.0 , < 10.3.3 (semver)
    grafana grafana Affected: 2.5.0 , < 9.5.16 (custom)
    Affected: 10.0.0 , < 10.0.11 (custom)
    Affected: 10.10 , < 10.1.7 (custom)
    Affected: 10.2.0 , < 10.2.4 (custom)
    Affected: 10.3.0 , < 10.3.3 (custom)
        cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
    grafana grafana_enterprise Affected: 2.5.0 , < 9.5.16 (custom)
    Affected: 10.0.0 , < 10.0.11 (custom)
    Affected: 10.10 , < 10.1.7 (custom)
    Affected: 10.2.0 , < 10.2.4 (custom)
    Affected: 10.3.0 , < 10.3.3 (custom)
        cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-02-15T00:10:28.890Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-6152/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"
              },
              {
                "url": "https://security.netapp.com/advisory/ntap-20250214-0008/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "grafana",
                "vendor": "grafana",
                "versions": [
                  {
                    "lessThan": "9.5.16",
                    "status": "affected",
                    "version": "2.5.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.0.11",
                    "status": "affected",
                    "version": "10.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.1.7",
                    "status": "affected",
                    "version": "10.10",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.2.4",
                    "status": "affected",
                    "version": "10.2.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.3.3",
                    "status": "affected",
                    "version": "10.3.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "grafana_enterprise",
                "vendor": "grafana",
                "versions": [
                  {
                    "lessThan": "9.5.16",
                    "status": "affected",
                    "version": "2.5.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.0.11",
                    "status": "affected",
                    "version": "10.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.1.7",
                    "status": "affected",
                    "version": "10.10",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.2.4",
                    "status": "affected",
                    "version": "10.2.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "10.3.3",
                    "status": "affected",
                    "version": "10.3.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6152",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-22T15:42:45.786092Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-22T15:51:56.870Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.5.16",
                  "status": "affected",
                  "version": "2.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.0.11",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.1.7",
                  "status": "affected",
                  "version": "10.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.2.4",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.3.3",
                  "status": "affected",
                  "version": "10.3.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.5.16",
                  "status": "affected",
                  "version": "2.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.0.11",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.1.7",
                  "status": "affected",
                  "version": "10.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.2.4",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.3.3",
                  "status": "affected",
                  "version": "10.3.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eA user changing their email after signing up and verifying it can change it without verification in profile settings.\u003c/p\u003e\u003cp\u003eThe configuration option \"verify_email_enabled\" will only validate email on sign up.\u003c/p\u003e"
                }
              ],
              "value": "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email on sign up.\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-13T21:38:01.404Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-6152/"
            },
            {
              "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-6152",
        "datePublished": "2024-02-13T21:38:01.404Z",
        "dateReserved": "2023-11-15T12:44:28.824Z",
        "dateUpdated": "2025-02-15T00:10:28.890Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4399 (GCVE-0-2023-4399)

    Vulnerability from cvelistv5 – Published: 2023-10-17 07:09 – Updated: 2025-02-13 17:13
    VLAI
    Summary
    Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed by using punycode encoding of the characters in the request address.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Enterprise Affected: 10.1.0 , < 10.1.5 (semver)
    Affected: 10.0.0 , < 10.0.9 (semver)
    Affected: 9.5.0 , < 9.5.13 (semver)
    Affected: 9.4.0 , < 9.4.17 (semver)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:24:04.622Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-4399/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20231208-0003/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4399",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-03T14:41:54.324405Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-03T14:42:21.688Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "10.1.5",
                  "status": "affected",
                  "version": "10.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.0.9",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.13",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.4.17",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is an open-source platform for monitoring and observability. \u003c/p\u003e\u003cp\u003eIn Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn\u2019t call specific hosts.\u003c/p\u003e\u003cp\u003eHowever, the restriction can be bypassed by using punycode encoding of the characters in the request address.\u003c/p\u003e"
                }
              ],
              "value": "Grafana is an open-source platform for monitoring and observability. \n\nIn Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn\u2019t call specific hosts.\n\nHowever, the restriction can be bypassed by using punycode encoding of the characters in the request address."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-267",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-267"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-183",
                  "description": "CWE-183",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-08T19:06:21.275Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-4399/"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20231208-0003/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-4399",
        "datePublished": "2023-10-17T07:09:03.015Z",
        "dateReserved": "2023-08-17T10:06:35.187Z",
        "dateUpdated": "2025-02-13T17:13:32.745Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4822 (GCVE-0-2023-4822)

    Vulnerability from cvelistv5 – Published: 2023-10-16 08:45 – Updated: 2026-01-30 04:55
    VLAI
    Summary
    Grafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer, Organization Editor and Organization Admin roles in all organizations. It also allows an Organization Admin to assign or revoke any permissions that they have to any user globally. This means that any Organization Admin can elevate their own permissions in any organization that they are already a member of, or elevate or restrict the permissions of any other user. The vulnerability does not allow a user to become a member of an organization that they are not already a member of, or to add any other users to an organization that the current user is not a member of.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Enterprise Affected: 8.0.0 , < 9.4.16 (semver)
    Affected: 9.5.0 , < 9.5.11 (semver)
    Affected: 10.0.0 , < 10.0.7 (semver)
    Affected: 10.1.0 , < 10.1.3 (semver)
    grafana grafana_enterprise Affected: 8.0.0 , < 9.4.16 (semver)
    Affected: 9.5.0 , < 9.5.11 (semver)
    Affected: 10.0.0 , < 10.0.7 (semver)
    Affected: 10.1.0 , < 10.1.3 (semver)
        cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:38:00.740Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-4822"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20231103-0008/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "grafana_enterprise",
                "vendor": "grafana",
                "versions": [
                  {
                    "lessThan": "9.4.16",
                    "status": "affected",
                    "version": "8.0.0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "9.5.11",
                    "status": "affected",
                    "version": "9.5.0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "10.0.7",
                    "status": "affected",
                    "version": "10.0.0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "10.1.3",
                    "status": "affected",
                    "version": "10.1.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4822",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-29T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-30T04:55:38.864Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.4.16",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.11",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.0.7",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "10.1.3",
                  "status": "affected",
                  "version": "10.1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer, Organization Editor and Organization Admin roles in all organizations.\u003c/p\u003e\u003cp\u003eIt also allows an Organization Admin to assign or revoke any permissions that they have to any user globally.\u003c/p\u003e\u003cp\u003eThis means that any Organization Admin can elevate their own permissions in any organization that they are already a member of, or elevate or restrict the permissions of any other user.\u003c/p\u003e\u003cp\u003eThe vulnerability does not allow a user to become a member of an organization that they are not already a member of, or to add any other users to an organization that the current user is not a member of.\u003c/p\u003e"
                }
              ],
              "value": "Grafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer, Organization Editor and Organization Admin roles in all organizations.\n\nIt also allows an Organization Admin to assign or revoke any permissions that they have to any user globally.\n\nThis means that any Organization Admin can elevate their own permissions in any organization that they are already a member of, or elevate or restrict the permissions of any other user.\n\nThe vulnerability does not allow a user to become a member of an organization that they are not already a member of, or to add any other users to an organization that the current user is not a member of."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-04T05:07:07.679Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-4822"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20231103-0008/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-4822",
        "datePublished": "2023-10-16T08:45:59.756Z",
        "dateReserved": "2023-09-07T15:53:30.740Z",
        "dateUpdated": "2026-01-30T04:55:38.864Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-3128 (GCVE-0-2023-3128)

    Vulnerability from cvelistv5 – Published: 2023-06-22 20:14 – Updated: 2025-02-13 16:49
    VLAI
    Summary
    Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 9.5.0 , < 9.5.4 (semver)
    Affected: 9.4.0 , < 9.4.13 (semver)
    Affected: 9.3.0 , < 9.3.16 (semver)
    Affected: 9.2.0 , < 9.2.20 (semver)
    Affected: 6.7.0 , < 8.5.27 (semver)
    Grafana Grafana Enterprise Affected: 9.5.0 , < 9.5.4 (semver)
    Affected: 9.4.0 , < 9.4.13 (semver)
    Affected: 9.3.0 , < 9.3.16 (semver)
    Affected: 9.2.0 , < 9.2.20 (semver)
    Affected: 6.7.0 , < 8.5.27 (semver)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:48:07.347Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-3128/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20230714-0004/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3128",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-06T15:26:35.297129Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-06T15:26:43.437Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.5.4",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.4.13",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.16",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.20",
                  "status": "affected",
                  "version": "9.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "8.5.27",
                  "status": "affected",
                  "version": "6.7.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.5.4",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.4.13",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.16",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.20",
                  "status": "affected",
                  "version": "9.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "8.5.27",
                  "status": "affected",
                  "version": "6.7.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is validating Azure AD accounts based on the email claim. \u003c/p\u003e\u003cp\u003eOn Azure AD, the profile email field is not unique and can be easily modified. \u003c/p\u003e\u003cp\u003eThis leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app. \u003c/p\u003e"
                }
              ],
              "value": "Grafana is validating Azure AD accounts based on the email claim. \n\nOn Azure AD, the profile email field is not unique and can be easily modified. \n\nThis leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 9.4,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-290",
                  "description": "CWE-290",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-18T07:06:14.710Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-3128/"
            },
            {
              "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-gxh2-6vvc-rrgp"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20230714-0004/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-3128",
        "datePublished": "2023-06-22T20:14:00.805Z",
        "dateReserved": "2023-06-06T15:02:55.259Z",
        "dateUpdated": "2025-02-13T16:49:48.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2183 (GCVE-0-2023-2183)

    Vulnerability from cvelistv5 – Published: 2023-06-06 18:04 – Updated: 2025-02-13 16:40
    Summary
    Grafana is an open-source platform for monitoring and observability. The option to send a test alert is not available from the user panel UI for users with the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API, as the API does not check access to this function. This might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, preparing a phishing attack, or blocking the SMTP server. Users may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 8.0.0 , < 8.5.26 (semver)
    Affected: 9.0.0 , < 9.2.19 (semver)
    Affected: 9.3.0 , < 9.3.15 (semver)
    Affected: 9.4.0 , < 9.4.12 (semver)
    Affected: 9.5.0 , < 9.5.3 (semver)
    Grafana Grafana Enterprise Affected: 8.0.0 , < 8.5.26 (semver)
    Affected: 9.0.0 , < 9.2.19 (semver)
    Affected: 9.3.0 , < 9.3.15 (semver)
    Affected: 9.4.0 , < 9.4.12 (semver)
    Affected: 9.5.0 , < 9.5.3 (semver)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:12:20.655Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-2183/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-cvm3-pp2j-chr3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20230706-0002/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2183",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-07T16:30:23.268015Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-07T16:30:50.109Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "8.5.26",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.19",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.15",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.4.12",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.3",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "8.5.26",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.19",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.15",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.4.12",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.3",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is an open-source platform for monitoring and observability. \u003c/p\u003e\u003cp\u003eThe option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function.\u003c/p\u003e\u003cp\u003eThis might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server.\u003c/p\u003e\u003cp\u003eUsers may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix.\u003c/p\u003e"
                }
              ],
              "value": "Grafana is an open-source platform for monitoring and observability. \n\nThe option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function.\n\nThis might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server.\n\nUsers may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-180",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-180"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-06T18:06:27.533Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-2183/"
            },
            {
              "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-cvm3-pp2j-chr3"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20230706-0002/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-2183",
        "datePublished": "2023-06-06T18:04:26.485Z",
        "dateReserved": "2023-04-19T12:11:08.488Z",
        "dateUpdated": "2025-02-13T16:40:15.277Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2801 (GCVE-0-2023-2801)

    Vulnerability from cvelistv5 – Published: 2023-06-06 18:03 – Updated: 2025-02-13 16:45
    Summary
    Grafana is an open-source platform for monitoring and observability. Using public dashboards, users can query multiple distinct data sources with mixed queries. However, such a query can crash a Grafana instance. The only feature that uses mixed queries at the moment is public dashboards, but it is also possible to trigger the crash by calling the query API directly. This might enable malicious users to crash Grafana instances through that endpoint. Users may upgrade to version 9.4.12 and 9.5.3 to receive a fix.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 9.4.0 , < 9.4.12 (semver)
    Affected: 9.5.0 , < 9.5.3 (semver)
    Grafana Grafana Enterprise Affected: 9.4.0 , < 9.4.12 (semver)
    Affected: 9.5.0 , < 9.5.3 (semver)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:33:05.564Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-2801/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20230706-0002/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2801",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-07T18:27:46.406382Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-07T18:27:59.835Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.4.12",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.3",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.4.12",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.3",
                  "status": "affected",
                  "version": "9.5.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is an open-source platform for monitoring and observability. \u003c/p\u003e\u003cp\u003eUsing public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance.\u003c/p\u003e\u003cp\u003eThe only feature that uses mixed queries at the moment is public dashboards, but it\u0027s also possible to cause this by calling the query API directly.\u003c/p\u003e\u003cp\u003eThis might enable malicious users to crash Grafana instances through that endpoint.\u003c/p\u003e\u003cp\u003eUsers may upgrade to version 9.4.12 and 9.5.3 to receive a fix.\u003c/p\u003e"
                }
              ],
              "value": "Grafana is an open-source platform for monitoring and observability. \n\nUsing public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance.\n\nThe only feature that uses mixed queries at the moment is public dashboards, but it\u0027s also possible to cause this by calling the query API directly.\n\nThis might enable malicious users to crash Grafana instances through that endpoint.\n\nUsers may upgrade to version 9.4.12 and 9.5.3 to receive a fix."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-26",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-26"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-820",
                  "description": "CWE-820",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-06T18:06:29.011Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-2801/"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20230706-0002/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-2801",
        "datePublished": "2023-06-06T18:03:32.459Z",
        "dateReserved": "2023-05-18T16:22:13.573Z",
        "dateUpdated": "2025-02-13T16:45:38.503Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1387 (GCVE-0-2023-1387)

    Vulnerability from cvelistv5 – Published: 2023-04-26 13:47 – Updated: 2025-02-13 16:39
    Summary
    Grafana is an open-source platform for monitoring and observability. Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. By enabling the "url_login" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 9.1.0 , < 9.2.17 (semver)
    Affected: 9.3.0 , < 9.3.13 (semver)
    Affected: 9.4.0 , < 9.5.0 (semver)
    Grafana Grafana Enterprise Affected: 9.1.0 , < 9.2.17 (semver)
    Affected: 9.3.0 , < 9.3.13 (semver)
    Affected: 9.4.0 , < 9.5.0 (semver)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:49:11.313Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-1387/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-5585-m9r5-p86j"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20230609-0003/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1387",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-31T16:11:53.656123Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-31T16:12:05.145Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.2.17",
                  "status": "affected",
                  "version": "9.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.13",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.0",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "9.2.17",
                  "status": "affected",
                  "version": "9.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.13",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.5.0",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is an open-source platform for monitoring and observability. \u003c/p\u003e\u003cp\u003eStarting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. \u003c/p\u003e\u003cp\u003eBy enabling the \"url_login\" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.\u003c/p\u003e"
                }
              ],
              "value": "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. \n\nBy enabling the \"url_login\" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-116",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-116"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-09T07:06:35.623Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-1387/"
            },
            {
              "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-5585-m9r5-p86j"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20230609-0003/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-1387",
        "datePublished": "2023-04-26T13:47:16.914Z",
        "dateReserved": "2023-03-14T11:11:01.304Z",
        "dateUpdated": "2025-02-13T16:39:22.007Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1410 (GCVE-0-2023-1410)

    Vulnerability from cvelistv5 – Published: 2023-03-23 07:48 – Updated: 2025-03-04 21:22
    Title
    Stored XSS in Graphite FunctionDescription tooltip
    Summary
    Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. The stored XSS vulnerability was possible because the value of the Function Description was not properly sanitized. An attacker needs to have control over the Graphite data source in order to manipulate a function description, a Grafana admin needs to configure the data source, and later a Grafana user needs to select a tampered function and hover over the description. Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Grafana Grafana Affected: 8.0.0 , < 8.5.22 (semver)
    Affected: 9.0.0 , < 9.2.15 (semver)
    Affected: 9.3.0 , < 9.3.11 (semver)
    Grafana Grafana Enterprise Affected: 8.0.0 , < 8.5.22 (semver)
    Affected: 9.0.0 , < 9.2.15 (semver)
    Affected: 9.3.0 , < 9.3.11 (semver)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:49:11.621Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://grafana.com/security/security-advisories/cve-2023-1410/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-qrrg-gw7w-vp76"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20230420-0003/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1410",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-04T21:21:42.873495Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-04T21:22:03.229Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Grafana",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "8.5.22",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.15",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.11",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Grafana Enterprise",
              "vendor": "Grafana",
              "versions": [
                {
                  "lessThan": "8.5.22",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.2.15",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "9.3.11",
                  "status": "affected",
                  "version": "9.3.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eGrafana is an open-source platform for monitoring and observability.\u0026nbsp;\u003c/p\u003e\u003cp\u003eGrafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. \u003c/p\u003e\u003cp\u003eThe stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.\u003c/p\u003e\u003cp\u003eAn attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description.\u0026nbsp;\u003c/p\u003e\u003cp\u003e  Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix. \u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "Grafana is an open-source platform for monitoring and observability.\u00a0\n\nGrafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. \n\nThe stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.\n\nAn attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description.\u00a0\n\n  Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-592"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-20T08:06:33.364Z",
            "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            "shortName": "GRAFANA"
          },
          "references": [
            {
              "url": "https://grafana.com/security/security-advisories/cve-2023-1410/"
            },
            {
              "url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-qrrg-gw7w-vp76"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20230420-0003/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Stored XSS in Graphite FunctionDescription tooltip",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "assignerShortName": "GRAFANA",
        "cveId": "CVE-2023-1410",
        "datePublished": "2023-03-23T07:48:56.246Z",
        "dateReserved": "2023-03-15T11:11:52.860Z",
        "dateUpdated": "2025-03-04T21:22:03.229Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }