12 matches found
grafana security update
9.2.10-30.0.1 - Fixes CVE-2024-1442 Add email verification when updating user email Orabug: 38550520 9.2.10-30 - Resolves RHEL-166519: CVE-2026-32282 - Resolves RHEL-167380: CVE-2026-32280 - Resolves RHEL-167542: CVE-2026-32283...
grafana security update
9.2.10-26.0.1 - Fixes CVE-2024-1442 Add email verification when updating user email Orabug: 38550520 9.2.10-26 - Resolves RHEL-125664: CVE-2025-58183 - Resolves RHEL-132759: Grafana-selinux prevents plugins from searching cgroups...
Linux Distros Unpatched Vulnerability : CVE-2024-1442
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A user with the permissions to create a data source can use Grafana API to create a data source with UID set to . Doing this will grant the user access to read,...
Security Bulletin: IBM Storage Ceph is vulnerable to Improper Privilege Management in Grafana (CVE-2024-1442)
Summary Grafana is used by IBM Storage Ceph as a metrics dashboard. This bulletin identifies the steps to take to address the vulnerability in Grafana. CVE-2024-1442. Vulnerability Details CVEID:CVE-2024-1442 DESCRIPTION: Grafana could allow a remote authenticated attacker to bypass security...
Grafana Labs 10.0.x < 10.0.12 / 10.1.x < 10.1.8 / 10.2.x < 10.2.5 / 10.3.x < 10.3.4 / 8.5.x < 9.5.7 (CVE-2024-1442)
The version of Grafana Labs installed on the remote host is prior to 10.0.12, 10.1.8, 10.2.5, 10.3.4, or 9.5.7. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1442 advisory. - A user with the permissions to create a data source can use Grafana API to create a data...
CVE-2024-1442
creationtimestamp| type| source ---|---|--- 2024-03-07 19:27:13+00:00| seen| https://t.me/ctinow/202699 2024-03-07 19:27:15+00:00| seen| https://t.me/ctinow/202701 2024-03-07 20:46:39+00:00| seen| https://t.me/ctinow/202763 2024-08-04 17:05:44+00:00| seen|...
CVE-2024-1442 vulnerabilities
Vulnerabilities for packages: grafana...
CVE-2024-1442
A user with the permissions to create a data source can use Grafana API to create a data source with UID set to . Doing this will grant the user access to read, query, edit and delete all data sources within the organization...
CVE-2024-1442 vulnerabilities
Vulnerabilities for packages: grafana-fips...
CVE-2024-1442 User with permissions to create a data source can CRUD all data sources
A user with the permissions to create a data source can use Grafana API to create a data source with UID set to . Doing this will grant the user access to read, query, edit and delete all data sources within the organization...
CVE-2024-1442 User with permissions to create a data source can CRUD all data sources
A user with the permissions to create a data source can use Grafana API to create a data source with UID set to . Doing this will grant the user access to read, query, edit and delete all data sources within the organization...
CVE-2024-1442
CVE-2024-1442 affects Grafana. A user with permission to create a data source can abuse the Grafana API to create a data source with UID set to *, granting the attacker read, query, edit, and delete rights across all data sources in the organization. This is a privilege escalation/compromise of d...