Lucene search
Rockylinux Product ErrataRLSA-2023:4030HistoryJul 19, 2023 - 5:53 p.m.
grafana security update
2023-07-1917:53:40
Rockylinux Product Errata
errata.rockylinux.org
24
grafana
security update
rocky linux 9
account takeover
azure ad oauth
cvss
vulnerability
0.001 Low
EPSS
Percentile
40.9%
An update is available for grafana.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
Security Fix(es):
- grafana: account takeover possible when using Azure AD OAuth (CVE-2023-3128)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| rocky | 9 | aarch64 | grafana | < 9.0.9-3.el9_2 | grafana-0:9.0.9-3.el9_2.aarch64.rpm |
| rocky | 9 | ppc64le | grafana | < 9.0.9-3.el9_2 | grafana-0:9.0.9-3.el9_2.ppc64le.rpm |
| rocky | 9 | s390x | grafana | < 9.0.9-3.el9_2 | grafana-0:9.0.9-3.el9_2.s390x.rpm |
| rocky | 9 | x86_64 | grafana | < 9.0.9-3.el9_2 | grafana-0:9.0.9-3.el9_2.x86_64.rpm |
| rocky | 9 | aarch64 | grafana-debuginfo | < 9.0.9-3.el9_2 | grafana-debuginfo-0:9.0.9-3.el9_2.aarch64.rpm |
| rocky | 9 | ppc64le | grafana-debuginfo | < 9.0.9-3.el9_2 | grafana-debuginfo-0:9.0.9-3.el9_2.ppc64le.rpm |
| rocky | 9 | s390x | grafana-debuginfo | < 9.0.9-3.el9_2 | grafana-debuginfo-0:9.0.9-3.el9_2.s390x.rpm |
| rocky | 9 | x86_64 | grafana-debuginfo | < 9.0.9-3.el9_2 | grafana-debuginfo-0:9.0.9-3.el9_2.x86_64.rpm |
| rocky | 9 | aarch64 | grafana-debugsource | < 9.0.9-3.el9_2 | grafana-debugsource-0:9.0.9-3.el9_2.aarch64.rpm |
| rocky | 9 | ppc64le | grafana-debugsource | < 9.0.9-3.el9_2 | grafana-debugsource-0:9.0.9-3.el9_2.ppc64le.rpm |
Related
nessus
nessus
RHEL 9 : grafana (RHSA-2023:4030)
2023-07-12 00:00:00
Oracle Linux 8 : grafana (ELSA-2023-6972)
2023-11-21 00:00:00
Oracle Linux 9 : grafana (ELSA-2023-4030)
2023-07-20 00:00:00
cve
cve
CVE-2023-3128
2023-06-22 21:15:09
alpinelinux
alpinelinux
CVE-2023-3128
2023-06-22 21:15:00
osv
osv
Grafana vulnerable to Authentication Bypass by Spoofing
2023-06-22 21:30:49
BIT-grafana-2023-3128
2024-03-06 10:53:06
Moderate: grafana security and enhancement update
2023-11-14 00:00:00
oraclelinux
oraclelinux
grafana security update
2023-07-19 00:00:00
grafana security and enhancement update
2023-11-17 00:00:00
almalinux
almalinux
Moderate: grafana security and enhancement update
2023-11-14 00:00:00
Critical: grafana security update
2023-07-12 00:00:00
prion
prion
Authentication flaw
2023-06-22 21:15:00
redhatcve
redhatcve
CVE-2023-3128
2023-06-23 03:16:58
openvas
openvas
veracode
veracode
Authentication Bypass
2023-07-05 10:26:37
github
github
Grafana vulnerable to Authentication Bypass by Spoofing
2023-06-22 21:30:49
redhat
redhat
(RHSA-2023:6972) Moderate: grafana security and enhancement update
2023-11-14 08:41:59
(RHSA-2023:4030) Critical: grafana security update
2023-07-12 03:05:36
freebsd
freebsd
Grafana -- Account takeover / authentication bypass
2023-06-22 00:00:00
cvelist
cvelist
CVE-2023-3128
2023-06-22 20:14:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2181
2023-07-04 13:37:03
thn
thn
redos
redos
ROS-20240404-01
2024-04-04 00:00:00