GoogleOSV:GHSA-WC9W-WVQ2-FFM9Server Side Request Forgery in Grafana
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
8.5 High
AI Score
Confidence
High
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.728 High
EPSS
Percentile
98.1%
The avatar feature in Grafana (github.com/grafana/grafana/pkg/api/avatar) 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue that allows remote code execution. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on.
References
lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html
lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html
lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html
lists.opensuse.org/opensuse-security-announce/2020-10/msg00017.html
packetstormsecurity.com/files/158320/Grafana-7.0.1-Denial-Of-Service.html
www.openwall.com/lists/oss-security/2020/06/03/4
www.openwall.com/lists/oss-security/2020/06/09/2
community.grafana.com/t/grafana-7-0-2-and-6-7-4-security-update/31408
community.grafana.com/t/release-notes-v6-7-x/27119
community.grafana.com/t/release-notes-v7-0-x/29381
github.com/grafana/grafana/commit/ba953be95f0302c2ea80d23f1e5f2c1847365192
grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix
lists.apache.org/thread.html/r0928ee574281f8b6156e0a6d0291bfc27100a9dd3f9b0177ece24ae4@%3Cdev.ambari.apache.org%3E
lists.apache.org/thread.html/r093b405a49fd31efa0d949ac1a887101af1ca95652a66094194ed933@%3Cdev.ambari.apache.org%3E
lists.apache.org/thread.html/r40f0a97b6765de6b8938bc212ee9dfb5101e9efa48bcbbdec02b2a60@%3Cissues.ambari.apache.org%3E
lists.apache.org/thread.html/r6670a6c29044bcb77d4e5d165b5bd13fffe37b84caa5d6471b13b3a2@%3Cdev.ambari.apache.org%3E
lists.apache.org/thread.html/r6bb57124a21bb638f552d81650c66684e70fc1ff9f40b6a8840171cd@%3Cissues.ambari.apache.org%3E
lists.apache.org/thread.html/r984c3b42a500f5a6a89fbee436b9432fada5dc27ebab04910aafe4da@%3Cissues.ambari.apache.org%3E
lists.apache.org/thread.html/rad99b06d7360a5cf6e394afb313f8901dcd4cb777aee9c9197b3b23d@%3Cdev.ambari.apache.org%3E
lists.apache.org/thread.html/rba0247a27be78bd14046724098462d058a9969400a82344b3007cf90@%3Cdev.ambari.apache.org%3E
lists.apache.org/thread.html/rd0fd283e3844b9c54cd5ecc92d966f96d3f4318815bbf3ac41f9c820@%3Ccommits.ambari.apache.org%3E
lists.apache.org/thread.html/re75f59639f3bc1d14c7ab362bc4485ade84f3c6a3c1a03200c20fe13@%3Cissues.ambari.apache.org%3E
lists.apache.org/thread.html/re7c4b251b52f49ba6ef752b829bca9565faaf93d03206b1db6644d31@%3Cdev.ambari.apache.org%3E
lists.apache.org/thread.html/rff71126fa7d9f572baafb9be44078ad409c85d2c0f3e26664f1ef5a2@%3Cdev.ambari.apache.org%3E
lists.fedoraproject.org/archives/list/[email protected]/message/EEKSZ6GE4EDOFZ23NGYWOCMD6O4JF5SO
lists.fedoraproject.org/archives/list/[email protected]/message/O2KSCCGKNEENZN3DW7TSPFBBUZH3YZXZ
mostwanted002.cf/post/grafanados
nvd.nist.gov/vuln/detail/CVE-2020-13379
rhynorater.github.io/CVE-2020-13379-Write-Up
security.netapp.com/advisory/ntap-20200608-0006
www.exploit-db.com/exploits/48638
Related
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
8.5 High
AI Score
Confidence
High
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.728 High
EPSS
Percentile
98.1%