Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-9476

Опубликовано: 14 нояб. 2024
Источник: redhat
CVSS3: 4.9
EPSS Низкий

Описание

A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance.

Отчет

This vulnerability doesn't affect any version of Grafana as shipped with any supported Red Hat product. The affected upstream version is 11.2 while Red Hat doesn't ship such version.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10grafanaNot affected
Red Hat Enterprise Linux 8grafanaNot affected
Red Hat Enterprise Linux 9grafanaNot affected
Red Hat Storage 3grafanaNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2322639grafana: Privilege escalation vulnerability in Grafana Migration Assistance

EPSS

Процентиль: 1%
0.00012
Низкий

4.9 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-9476

ubuntu
12 месяцев назад

A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance.

nvd логотип

CVE-2024-9476

nvd
12 месяцев назад

A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance.

debian логотип

CVE-2024-9476

debian
12 месяцев назад

A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Priv ...

github логотип

GHSA-h493-wm58-vgvj

github
12 месяцев назад

A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance.

fstec логотип

BDU:2024-09900

CVSS3: 4.2
fstec
около 1 года назад

Уязвимость функции Organizations платформы для мониторинга и наблюдения Grafana, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 1%
0.00012
Низкий

4.9 Medium

CVSS3