Vulnerability-Lookup

CVE-2022-39324 (GCVE-0-2022-39324)

Vulnerability from cvelistv5 – Published: 2023-01-27 22:42 – Updated: 2026-01-28 04:55

Title

Grafana vulnerable to spoofing originalUrl of snapshots

Summary

Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker’s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.

Severity ?

6.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/grafana/grafana/security/advis…	x_refsource_CONFIRM
	https://github.com/grafana/grafana/pull/60232	x_refsource_MISC
	https://github.com/grafana/grafana/pull/60256	x_refsource_MISC
	https://github.com/grafana/grafana/commit/239888f…	x_refsource_MISC
	https://github.com/grafana/grafana/commit/d7dcea7…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	grafana	grafana	Affected: < 8.5.16 Affected: >= 9.0.0, < 9.2.8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:00:44.040Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20230309-0010/"
          },
          {
            "name": "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw"
          },
          {
            "name": "https://github.com/grafana/grafana/pull/60232",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/grafana/grafana/pull/60232"
          },
          {
            "name": "https://github.com/grafana/grafana/pull/60256",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/grafana/grafana/pull/60256"
          },
          {
            "name": "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a"
          },
          {
            "name": "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-39324",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-27T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-28T04:55:22.240Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "grafana",
          "vendor": "grafana",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 8.5.16"
            },
            {
              "status": "affected",
              "version": "\u003e= 9.0.0, \u003c 9.2.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker\u2019s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-27T22:42:01.550Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw"
        },
        {
          "name": "https://github.com/grafana/grafana/pull/60232",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/grafana/grafana/pull/60232"
        },
        {
          "name": "https://github.com/grafana/grafana/pull/60256",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/grafana/grafana/pull/60256"
        },
        {
          "name": "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a"
        },
        {
          "name": "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c"
        }
      ],
      "source": {
        "advisory": "GHSA-4724-7jwc-3fpw",
        "discovery": "UNKNOWN"
      },
      "title": "Grafana vulnerable to spoofing originalUrl of snapshots"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-39324",
    "datePublished": "2023-01-27T22:42:01.550Z",
    "dateReserved": "2022-09-02T14:16:35.872Z",
    "dateUpdated": "2026-01-28T04:55:22.240Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20230309-0010/\"}, {\"url\": \"https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw\", \"name\": \"https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/grafana/grafana/pull/60232\", \"name\": \"https://github.com/grafana/grafana/pull/60232\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/grafana/grafana/pull/60256\", \"name\": \"https://github.com/grafana/grafana/pull/60256\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a\", \"name\": \"https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c\", \"name\": \"https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T12:00:44.040Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-39324\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-01T15:45:24.258579Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-01T15:45:33.233Z\"}}], \"cna\": {\"title\": \"Grafana vulnerable to spoofing originalUrl of snapshots\", \"source\": {\"advisory\": \"GHSA-4724-7jwc-3fpw\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"grafana\", \"product\": \"grafana\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 8.5.16\"}, {\"status\": \"affected\", \"version\": \"\u003e= 9.0.0, \u003c 9.2.8\"}]}], \"references\": [{\"url\": \"https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw\", \"name\": \"https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/grafana/grafana/pull/60232\", \"name\": \"https://github.com/grafana/grafana/pull/60232\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/grafana/grafana/pull/60256\", \"name\": \"https://github.com/grafana/grafana/pull/60256\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a\", \"name\": \"https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c\", \"name\": \"https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker\\u2019s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2023-01-27T22:42:01.550Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-39324\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-28T04:55:22.240Z\", \"dateReserved\": \"2022-09-02T14:16:35.872Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2023-01-27T22:42:01.550Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

bit-grafana-2022-39324

Vulnerability from bitnami_vulndb

Published

2024-03-06 10:54

Modified

2025-05-20 10:02

Summary

Grafana vulnerable to spoofing originalUrl of snapshots

Details

Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the originalUrl parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The Open original dashboard button no longer points to the to the real original dashboard but to the attacker’s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Bitnami",
        "name": "grafana",
        "purl": "pkg:bitnami/grafana"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.5.16"
            },
            {
              "introduced": "9.0.0"
            },
            {
              "fixed": "9.2.8"
            }
          ],
          "type": "SEMVER"
        }
      ],
      "severity": [
        {
          "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
          "type": "CVSS_V3"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-39324"
  ],
  "database_specific": {
    "cpes": [
      "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*"
    ],
    "severity": "Low"
  },
  "details": "Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker\u2019s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.",
  "id": "BIT-grafana-2022-39324",
  "modified": "2025-05-20T10:02:07.006Z",
  "published": "2024-03-06T10:54:38.067Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a"
    },
    {
      "type": "WEB",
      "url": "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c"
    },
    {
      "type": "WEB",
      "url": "https://github.com/grafana/grafana/pull/60232"
    },
    {
      "type": "WEB",
      "url": "https://github.com/grafana/grafana/pull/60256"
    },
    {
      "type": "WEB",
      "url": "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20230309-0010/"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39324"
    }
  ],
  "schema_version": "1.5.0",
  "summary": "Grafana vulnerable to spoofing originalUrl of snapshots"
}

GHSA-4724-7JWC-3FPW

Vulnerability from github – Published: 2024-05-14 22:29 – Updated: 2024-07-08 20:59

Summary

Grafana Spoofing originalUrl of snapshots

Details

To create a snapshot (and insert an arbitrary URL) the built-in role Viewer is sufficient. When a dashboard is shared as a local snapshot, the following three fields are offered in the web UI for a user to fill out: • Snapshotname • Expire • Timeout(seconds) After the user confirms creation of the snapshot (i.e. clicks the ”Local Snapshot” button) an HTTP POST request is sent to the Grafana server. The HTTP request contains additional parameters that are not visible in the web UI. The parameter originalUrl is not visible in the web UI, but sent in the HTTP POST request.

The value of the originalUrl parameter is automatically generated. The purpose of the presented originalUrl parameter is to provide a user that views the snapshot the possibility to click on the button in the Grafana web UI and be presented with the dashboard that the snapshot was made out of.

The value of the originalUrl parameter can be arbitrarily chosen by a malicious user that creates the snapshot (Note: by editing the query thanks to a web proxy like Burp) When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The issue here is that the ”Open original dashboard” button no longer points to the to the real original dashboard but to the attacker’s (injected) URL.

Severity ?

6.7 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L

5.3 (Medium)


                  
                    CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/grafana/grafana"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.0"
            },
            {
              "fixed": "9.2.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/grafana/grafana"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.5.16"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-39324"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-05-14T22:29:26Z",
    "nvd_published_at": "2023-01-27T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "To create a snapshot (and insert an arbitrary URL) the built-in role Viewer is sufficient.\nWhen a dashboard is shared as a local snapshot, the following three fields are offered in the web UI for a user to fill out:\n\u2022 Snapshotname\n\u2022 Expire\n\u2022 Timeout(seconds)\nAfter the user confirms creation of the snapshot (i.e. clicks the \u201dLocal Snapshot\u201d button) an HTTP POST request is sent to the Grafana server. The HTTP request contains additional parameters that are not visible in the web UI. The parameter originalUrl is not visible in the web UI, but sent in the HTTP POST request.\n\nThe value of the originalUrl parameter is automatically generated. The purpose of the presented originalUrl parameter is to provide a user that views the snapshot the possibility to click on the button in the Grafana web UI and be presented with the dashboard that the snapshot was made out of.\n\nThe value of the originalUrl parameter can be arbitrarily chosen by a malicious user that creates the snapshot (Note: by editing the query thanks to a web proxy like Burp)\nWhen another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The issue here is that the \u201dOpen original dashboard\u201d button no longer points to the to the real original dashboard but to the attacker\u2019s (injected) URL.",
  "id": "GHSA-4724-7jwc-3fpw",
  "modified": "2024-07-08T20:59:51Z",
  "published": "2024-05-14T22:29:26Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39324"
    },
    {
      "type": "WEB",
      "url": "https://github.com/grafana/grafana/pull/60232"
    },
    {
      "type": "WEB",
      "url": "https://github.com/grafana/grafana/pull/60256"
    },
    {
      "type": "WEB",
      "url": "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a"
    },
    {
      "type": "WEB",
      "url": "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/grafana/grafana"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Grafana Spoofing originalUrl of snapshots"
}

GSD-2022-39324

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-39324

Aliases

CVE-2022-39324

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-39324",
    "description": "Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker\u2019s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.",
    "id": "GSD-2022-39324",
    "references": [
      "https://www.suse.com/security/cve/CVE-2022-39324.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-39324"
      ],
      "details": "Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker\u2019s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.",
      "id": "GSD-2022-39324",
      "modified": "2023-12-13T01:19:20.446669Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2022-39324",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "grafana",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "\u003c 8.5.16"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "\u003e= 9.0.0, \u003c 9.2.8"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "grafana"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker\u2019s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-79",
                "lang": "eng",
                "value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw",
            "refsource": "MISC",
            "url": "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw"
          },
          {
            "name": "https://github.com/grafana/grafana/pull/60232",
            "refsource": "MISC",
            "url": "https://github.com/grafana/grafana/pull/60232"
          },
          {
            "name": "https://github.com/grafana/grafana/pull/60256",
            "refsource": "MISC",
            "url": "https://github.com/grafana/grafana/pull/60256"
          },
          {
            "name": "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a",
            "refsource": "MISC",
            "url": "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a"
          },
          {
            "name": "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c",
            "refsource": "MISC",
            "url": "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-4724-7jwc-3fpw",
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.2.8",
                "versionStartIncluding": "9.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.5.16",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-39324"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker\u2019s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw"
            },
            {
              "name": "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a"
            },
            {
              "name": "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c"
            },
            {
              "name": "https://github.com/grafana/grafana/pull/60232",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/grafana/grafana/pull/60232"
            },
            {
              "name": "https://github.com/grafana/grafana/pull/60256",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/grafana/grafana/pull/60256"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.1,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2023-02-07T20:17Z",
      "publishedDate": "2023-01-27T23:15Z"
    }
  }
}

FKIE_CVE-2022-39324

Vulnerability from fkie_nvd - Published: 2023-01-27 23:15 - Updated: 2024-11-21 07:18

Severity ?

6.7 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
3.5 (Low) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/grafana/grafana/pull/60232	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/grafana/grafana/pull/60256	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/grafana/grafana/pull/60232	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/grafana/grafana/pull/60256	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20230309-0010/

Impacted products

	Vendor	Product	Version
	grafana	grafana	*
	grafana	grafana	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "777B6454-25E4-4999-8CD8-650913FF7566",
              "versionEndExcluding": "8.5.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A9BAE29-AD6B-44E0-9FCE-2857E432FE2A",
              "versionEndExcluding": "9.2.8",
              "versionStartIncluding": "9.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker\u2019s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8."
    },
    {
      "lang": "es",
      "value": "Grafana es una plataforma de c\u00f3digo abierto para monitoreo y observabilidad. Antes de las versiones 8.5.16 y 9.2.8, los usuarios malintencionados pod\u00edan crear una instant\u00e1nea y elegir arbitrariamente el par\u00e1metro \"originalUrl\" editando la consulta, gracias a un proxy web. Cuando otro usuario abra la URL de la instant\u00e1nea, se le presentar\u00e1 la interfaz web normal proporcionada por el servidor confiable de Grafana. El bot\u00f3n \"Abrir panel original\" ya no apunta al panel original real sino a la URL inyectada por el atacante. Este problema se solucion\u00f3 en las versiones 8.5.16 y 9.2.8."
    }
  ],
  "id": "CVE-2022-39324",
  "lastModified": "2024-11-21T07:18:02.360",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.5,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "baseSeverity": "LOW",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-01-27T23:15:08.723",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/grafana/grafana/pull/60232"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/grafana/grafana/pull/60256"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/grafana/grafana/pull/60232"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/grafana/grafana/pull/60256"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.netapp.com/advisory/ntap-20230309-0010/"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

CVE-2022-39324

Vulnerability from fstec - Published: 27.01.2023

Title

Уязвимость платформы для мониторинга и наблюдения Grafana, связанная с неправильной нейтрализацией ввода во время создания веб-страницы, позволяющая нарушителю внедрять введенный URL-адреса

Description

Уязвимость платформы для мониторинга и наблюдения Grafana связана с созданием снимка и произвольно выбора параметр «originalUrl», отредактировав запрос, благодаря веб-прокси. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, внедрять введенный URL-адреса

Severity ?


                    
                      AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Vendor

ООО «Ред Софт», Grafana Labs

Software Name

РЕД ОС (запись в едином реестре российских программ №3751), Grafana

Software Version

7.3 (РЕД ОС), до 8.5.16 (Grafana), от 9.0.0 до 9.2.8 (Grafana)

Possible Mitigations

Для grafana: https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/

Reference

https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a https://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c https://redos.red-soft.ru/support/secure/

CWE

CWE-79

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, Grafana Labs",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.3 (\u0420\u0415\u0414 \u041e\u0421), \u0434\u043e 8.5.16 (Grafana), \u043e\u0442 9.0.0 \u0434\u043e 9.2.8 (Grafana)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f grafana:\nhttps://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a\nhttps://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "27.01.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "05.04.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "05.04.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-02614",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-39324",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Grafana",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0434\u043b\u044f \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0438 \u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f Grafana, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u0432\u0432\u043e\u0434\u0430 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u0439 URL-\u0430\u0434\u0440\u0435\u0441\u0430",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435 \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b (\u0438\u043b\u0438 \\\u00ab\u041c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u0430\u044f \u0441\u0446\u0435\u043d\u0430\u0440\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430\\\u00bb) (CWE-79)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0434\u043b\u044f \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0438 \u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f Grafana \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435\u043c \u0441\u043d\u0438\u043c\u043a\u0430 \u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e \u0432\u044b\u0431\u043e\u0440\u0430 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 \u00aboriginalUrl\u00bb, \u043e\u0442\u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0432 \u0437\u0430\u043f\u0440\u043e\u0441, \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0432\u0435\u0431-\u043f\u0440\u043e\u043a\u0441\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u0439 URL-\u0430\u0434\u0440\u0435\u0441\u0430",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a\nhttps://github.com/grafana/grafana/commit/d7dcea71ea763780dc286792a0afd560bff2985c\nhttps://redos.red-soft.ru/support/secure/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-79",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4)\n\u041d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 3,5)"
}

CVE-2022-39324

Vulnerability from osv_almalinux

Published

2023-11-07 00:00

Modified

2023-11-14 12:05

Summary

Moderate: grafana security and enhancement update

Details

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.

Security Fix(es):

grafana: persistent xss in grafana core plugins (CVE-2022-23552)
grafana: plugin signature bypass (CVE-2022-31123)
grafana: data source and plugin proxy endpoints leaking authentication tokens to some destination plugins (CVE-2022-31130)
grafana: Data source and plugin proxy endpoints could leak the authentication cookie to some destination plugins (CVE-2022-39201)
grafana: email addresses and usernames cannot be trusted (CVE-2022-39306)
grafana: User enumeration via forget password (CVE-2022-39307)
grafana: Spoofing of the originalUrl parameter of snapshots (CVE-2022-39324)
golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)
golang: net/http, net/textproto: denial of service from excessive memory allocation (CVE-2023-24534)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "grafana"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "9.2.10-7.el9_3.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB \u0026 OpenTSDB. \n\nSecurity Fix(es):\n\n* grafana: persistent xss in grafana core plugins (CVE-2022-23552)\n* grafana: plugin signature bypass (CVE-2022-31123)\n* grafana: data source and plugin proxy endpoints leaking authentication tokens to some destination plugins (CVE-2022-31130)\n* grafana: Data source and plugin proxy endpoints could leak the authentication cookie to some destination plugins (CVE-2022-39201)\n* grafana: email addresses and usernames cannot be trusted (CVE-2022-39306)\n* grafana: User enumeration via forget password (CVE-2022-39307)\n* grafana: Spoofing of the originalUrl parameter of snapshots (CVE-2022-39324)\n* golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)\n* golang: net/http, net/textproto: denial of service from excessive memory allocation (CVE-2023-24534)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
  "id": "ALSA-2023:6420",
  "modified": "2023-11-14T12:05:09Z",
  "published": "2023-11-07T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2023:6420"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-23552"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-31123"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-31130"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-39201"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-39306"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-39307"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-39324"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-41717"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-24534"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2131146"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2131147"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2131148"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2138014"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2138015"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2148252"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2158420"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2161274"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2184483"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/9/ALSA-2023-6420.html"
    }
  ],
  "related": [
    "CVE-2022-23552",
    "CVE-2022-31123",
    "CVE-2022-31130",
    "CVE-2022-39201",
    "CVE-2022-39306",
    "CVE-2022-39307",
    "CVE-2022-39324",
    "CVE-2022-41717",
    "CVE-2023-24534"
  ],
  "summary": "Moderate: grafana security and enhancement update"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-39324 (GCVE-0-2022-39324)

bit-grafana-2022-39324

Vulnerability from bitnami_vulndb

GHSA-4724-7JWC-3FPW

GSD-2022-39324

FKIE_CVE-2022-39324

CVE-2022-39324

CVE-2022-39324

Vulnerability from osv_almalinux

Tags

Sightings

Nomenclature