Grafana - Arbitrary File Read (CVE-2021-43798)

Severity
CVSSv3 Score: 7.5
CVE: CVE-2021-43798

Vulnerability description

Grafana server is affected by an Arbitrary File Read through a Path Traversal vulnerability, located in the /public/plugins/ endpoint. The root cause of this vulnerability consists in improper path normalization. All the versions affected are between 8.0.0-beta1 and 8.3.0.

Risk description

The risk exists that a remote unauthenticated attacker could exploit this vulnerability to read sensitive information from arbitrary files located on the file system of the server.

Exploit capabilities

Sniper can read arbitrary files from the target system and extract them as evidence.

Recommendation

Upgrade the Grafana server to the latest version or to a version higher or equal than 8.3.1, 8.2.7, 8.1.8, and 8.0.7.

References

https://nvd.nist.gov/vuln/detail/CVE-2021-43798

https://grafana.com/blog/2021/12/07/grafana-8.3.1-8.2.7-8.1.8-and-8.0.7-released-with-high-severity-security-fix/

Codename

Detectable with: Network Scanner
Exploitable with Sniper: Yes
Vuln date: Nov 2021
Published at: Jan 2022
Updated at: May 2022
Software Type: Monitoring system
Vendor: Grafana
Product: Labs