Lucene search

Important: Red Hat Security Advisory: grafana security update

🗓️ 12 Oct 2021 11:32:01Reported by RedHatType

grafana security update to fix Snapshot authentication bypass (CVE-2021-39226) vulnerability in open source metrics dashboar

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 85
AlpineLinux	CVE-2021-39226	5 Oct 202118:15	–	alpinelinux
Check Point Advisories	Grafana Snapshot Feature Information Disclosure (CVE-2021-39226)	22 Dec 202100:00	–	checkpoint_advisories
Tenable Nessus	RHEL 8 : grafana (RHSA-2021:3770)	13 Oct 202100:00	–	nessus
Tenable Nessus	RHEL 8 : grafana (RHSA-2021:3771)	13 Oct 202100:00	–	nessus
Tenable Nessus	FreeBSD : Grafana -- Snapshot authentication bypass (757ee63b-269a-11ec-a616-6c3be5272acd)	28 Oct 202100:00	–	nessus
Tenable Nessus	Oracle Linux 8 : grafana (ELSA-2021-3771)	13 Oct 202100:00	–	nessus
Tenable Nessus	CentOS 8 : grafana (CESA-2021:3771)	15 Oct 202100:00	–	nessus
Tenable Nessus	Rocky Linux 8 : grafana (RLSA-2021:3771)	9 Feb 202200:00	–	nessus
Tenable Nessus	RHEL 8 : grafana (RHSA-2021:3769)	13 Oct 202100:00	–	nessus
Tenable Nessus	openSUSE 15 Security Update : grafana (openSUSE-SU-2022:0140-1)	21 Jan 202200:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
RedHat	8	aarch64	grafana	7.3.6-3.el8_4	grafana-7.3.6-3.el8_4.aarch64.rpm
RedHat	8	ppc64le	grafana	7.3.6-3.el8_4	grafana-7.3.6-3.el8_4.ppc64le.rpm
RedHat	8	s390x	grafana	7.3.6-3.el8_4	grafana-7.3.6-3.el8_4.s390x.rpm
RedHat	8	x86_64	grafana	7.3.6-3.el8_4	grafana-7.3.6-3.el8_4.x86_64.rpm
RedHat	8	aarch64	grafana-debuginfo	7.3.6-3.el8_4	grafana-debuginfo-7.3.6-3.el8_4.aarch64.rpm
RedHat	8	ppc64le	grafana-debuginfo	7.3.6-3.el8_4	grafana-debuginfo-7.3.6-3.el8_4.ppc64le.rpm
RedHat	8	s390x	grafana-debuginfo	7.3.6-3.el8_4	grafana-debuginfo-7.3.6-3.el8_4.s390x.rpm
RedHat	8	x86_64	grafana-debuginfo	7.3.6-3.el8_4	grafana-debuginfo-7.3.6-3.el8_4.x86_64.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2021-39226
access	www.access.redhat.com/security/updates/classification/
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
github	www.github.com/grafana/grafana/security/advisories/GHSA-69j6-29vr-p3j9
grafana	www.grafana.com/blog/2021/10/05/grafana-7.5.11-and-8.1.6-released-with-critical-security-fix/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-39226
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog
cve	www.cve.org/CVERecord

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

12 Oct 2021 11:01Current

7.9High risk

Vulners AI Score7.9

CVSS26.8

CVSS37.3 - 9.8

EPSS0.9435

CWE-639