Grafana OAuth Vulnerability (GHSA-mx47-6497-3fv2) CVE-2022-31107

Severity
CVSSv3 Score: 7.5

Vulnerability description

Grafana is prone to a vulnerability in OAuth.

Risk description

It is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP to take over an existing Grafana account under some conditions.

Recommendation

Update to version 8.3.10, 8.4.10, 8.5.9, 9.0.3 or later.

Codename: Not available
Detectable with: Network Scanner
Scan engine: OpenVAS
Exploitable with Sniper: No
CVE Published: Jul 15, 2022
Detection added at:
Software Type: Not available
Vendor: Not available
Product: Not available