Grafana.Labs.Grafana.Snapshot.Authentication.Bypass
Description
This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in Grafana Labs Grafana.
The vulnerabilities are due to insufficient authorization on certain web endpoints. A remote, unauthenticated attacker can exploit the vulnerability by sending a request to one of the affected endpoints. Successful exploitation could result in disclosure of existing snapshots and deletion of application snapshots.
Affected Products
Grafana Labs Grafana 7.x prior to 7.5.11
Grafana Labs Grafana 8.x prior to 8.1.6
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://github.com/grafana/grafana/security/advisories/GHSA-69j6-29vr-p3j9
Version Updates
Date | Version | Detail |
---|---|---|
2022-03-31 | 0.00316 |