Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

TencentOS Server 4: grafana (TSSA-2024:0906)

🗓️ 16 Jun 2025 00:00:00Reported by TenableType 
nessus
 nessus🔗 www.tenable.com👁 3 Views

TencentOS Server 4 prior versions are affected by vulnerabilities; updates available for Grafana.

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Grafana
29 Nov 202305:02
ibm
IBM Security Bulletins		Security Bulletin: IBM Storage Ceph is vulnerable to improper authentication in Grafana (CVE-2022-39229)
1 Nov 202319:38
ibm
IBM Security Bulletins		Security Bulletin: IBM Storage Ceph is vulnerable to Missing Authorization in Grafana (CVE-2023-2183)
26 Jan 202422:00
ibm
IBM Security Bulletins		Security Bulletin: IBM Storage Ceph is vulnerable to Missing Authorization in Grafana (CVE-2023-2183)
18 Jan 202421:15
ibm
FreeBSD		Grafana -- Broken access control: viewer can send test alerts
6 Jun 202300:00
freebsd
FreeBSD		Grafana -- Improper authentication
7 Sep 202200:00
freebsd
ATTACKERKB		CVE-2026-21726
15 Apr 202619:24
attackerkb
Tenable Nessus		Alibaba Cloud Linux 3 : 0075: grafana (ALINUX3-SA-2023:0075)
14 May 202500:00
nessus
Tenable Nessus		AlmaLinux 9 : grafana (ALSA-2023:2167)
14 May 202300:00
nessus
Tenable Nessus		AlmaLinux 8 : grafana (ALSA-2023:2784)
21 May 202300:00
nessus
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Tencent Linux Security Advisory TSSA-2024:0906.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(238775);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/11/20");

  script_cve_id("CVE-2021-36156", "CVE-2022-39229", "CVE-2023-2183");

  script_name(english:"TencentOS Server 4: grafana (TSSA-2024:0906)");

  script_set_attribute(attribute:"synopsis", value:
"The remote TencentOS Server 4 host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is,
therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0906 advisory.

    Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:

    CVE-2023-2183:
    Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to
    9.1.8 and 8.5.14 allow one user to block another user/'s login attempt by registering someone else/'e
    email address as a username. A Grafana users username and email address are unique fields, that means
    no other user can have the same username or email address as another user. A user can have an email
    address as a username. However, the login system allows users to log in with either username or email
    address. Since Grafana allows a user to log in with either their username or email address, this creates
    an usual behavior where `user_1` can register with one email address and `user_2` can register their
    username as `user_1`s email address. This prevents `user_1` logging into the application since
    `user_1`/'s password wont match with `user_2`/'s email address. Versions 9.1.8 and 8.5.14 contain a
    patch. There are no workarounds for this issue.

    CVE-2022-39229:
    Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to
    9.1.8 and 8.5.14 allow one user to block another user's login attempt by registering someone else'e email
    address as a username. A Grafana users username and email address are unique fields, that means no
    other user can have the same username or email address as another user. A user can have an email address
    as a username. However, the login system allows users to log in with either username or email address.
    Since Grafana allows a user to log in with either their username or email address, this creates an usual
    behavior where `user_1` can register with one email address and `user_2` can register their username as
    `user_1`s email address. This prevents `user_1` logging into the application since `user_1`'s password
    wont match with `user_2`'s email address. Versions 9.1.8 and 8.5.14 contain a patch. There are no
    workarounds for this issue.

    CVE-2021-36156:
    An issue was discovered in Grafana Loki through 2.2.1. The header value X-Scope-OrgID is used to construct
    file paths for rules files, and if crafted to conduct directory traversal such as ae
    ../../sensitive/path/in/deployment pathname, then Loki will attempt to parse a rules file at that location
    and include some of the contents in the error message.

Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://mirrors.tencent.com/tlinux/errata/tssa-20240906.xml");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:P");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-36156");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2023-2183");
  script_set_attribute(attribute:"cvss4_score_source", value:"CVE-2022-39229");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/11/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/11/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/06/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:tencent:tencentos_server:4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:tencent:tencentos_server:grafana");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tencent Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/etc/os-release", "Host/TencentOS/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'TencentOS' >!< os_product) audit(AUDIT_OS_NOT, 'TencentOS');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'TencentOS');
if (! preg(pattern:"^4([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'TencentOS 4.x', 'TencentOS ' + os_version);

if (!get_kb_item('Host/TencentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'TencentOS', cpu);

var constraints = [
  {
    'release': '4',
    'pkgs': [
      {'reference':'grafana-10.0.2-2.tl4', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'grafana-10.0.2-2.tl4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'grafana-debuginfo-10.0.2-2.tl4', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'grafana-debuginfo-10.0.2-2.tl4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'grafana-debugsource-10.0.2-2.tl4', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'grafana-debugsource-10.0.2-2.tl4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grafana / grafana-debuginfo / grafana-debugsource');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
20 Nov 2025 00:00Current
7.1High risk
Vulners AI Score7.1
CVSS 25
CVSS 3.14.3 - 6.4
EPSS0.00903
SSVC
tencentos server 4grafana vulnerabilitiespackage updatescve-2023-2183cve-2022-39229
3