{"uuid": "4a580ad1-527d-4304-bb39-e4b5f8fc38a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44643", "type": "seen", "source": "https://t.me/cibsecurity/54976", "content": "\u203c CVE-2022-44643 \u203c\n\nIn Grafana Enterprise Metrics (GEM) before 1.7.1 and 2.x before 2.3.1, after creating an Access Policy that is granted access to all tenants as well as specified a specific label matcher, the label matcher is erroneously not propagated to queries performed with this access policy. Thus, more access is granted to the policy than intended.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-20T18:13:03.000000Z"}