EUVD-2023-54262

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Grafana Enterprise has a deny list for request security but can be bypassed using punycode encoding

Reporter	Title	Published	Views	Family All 19
AlpineLinux	CVE-2023-4399	17 Oct 202308:15	–	alpinelinux
CNNVD	Grafana Security Vulnerabilities	17 Oct 202300:00	–	cnnvd
CVE	CVE-2023-4399	17 Oct 202307:09	–	cve
Cvelist	CVE-2023-4399	17 Oct 202307:09	–	cvelist
Grafana	Grafana datasource network restrictions bypass	12 Oct 202300:00	–	grafana
Tenable Nessus	Grafana Enterprise Datasource Network Restrictions Bypass (CVE-2023-4399)	21 Nov 202300:00	–	nessus
Tenable Nessus	TencentOS Server 4: grafana (TSSA-2024:0907)	20 Nov 202500:00	–	nessus
NVD	CVE-2023-4399	17 Oct 202308:15	–	nvd
OSV	BIT-2023-4399	25 Oct 202306:18	–	osv
OSV	BIT-GRAFANA-2023-4399	6 Mar 202410:52	–	osv

[
  {
    "enisaIdVendor": [
      {
        "id": "65c4b914-f351-3be2-83b4-4e49f2c96fd5",
        "vendor": {
          "name": "Grafana"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "24e02fd6-0a42-3c3b-aa58-28222c9ade67",
        "product": {
          "name": "Grafana Enterprise"
        },
        "product_version": "10.1.0 <10.1.5"
      },
      {
        "id": "dc1f0820-dc2c-3ede-87fe-b66e5e59ddb0",
        "product": {
          "name": "Grafana Enterprise"
        },
        "product_version": "9.4.0 <9.4.17"
      },
      {
        "id": "e3dbfce7-7654-3228-8f44-fa4304b3fc45",
        "product": {
          "name": "Grafana Enterprise"
        },
        "product_version": "9.5.0 <9.5.13"
      },
      {
        "id": "ec81a32b-8ee9-30ef-8d4c-3356b36e01ad",
        "product": {
          "name": "Grafana Enterprise"
        },
        "product_version": "10.0.0 <10.0.9"
      }
    ]
  }
]

Source	Link
grafana	www.grafana.com/security/security-advisories/cve-2023-4399/
security	www.security.netapp.com/advisory/ntap-20231208-0003/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-4399

03 Oct 2025 20:07Current

7.2High risk

Vulners AI Score7.2

CVSS 3.16.6 - 7.2

EPSS0.00051

SSVC