Platform
grafana
Component
github.com/grafana/grafana
Fixed in
9.5.7
10.0.12
10.1.8
10.2.5
10.3.4
CVE-2024-1442 describes a privilege escalation vulnerability within Grafana. Attackers with the ability to create data sources can leverage this flaw to manage all data sources within the Grafana instance, potentially leading to unauthorized data access and configuration changes. This vulnerability impacts Grafana versions prior to 9.5.7, 10.0.12, 10.1.8, and 10.2.5; upgrading to a patched version is the recommended remediation.
The impact of CVE-2024-1442 stems from the ability of unauthorized users to manipulate Grafana's data source configurations. Data sources often contain credentials and connection details for external systems, such as databases, cloud services, and APIs. An attacker gaining control of these data sources could potentially access sensitive data stored within those systems, execute arbitrary queries, or even modify the underlying data. Furthermore, they could create malicious data sources to inject false data into dashboards or disrupt Grafana's functionality. The blast radius extends to any system accessible through Grafana's data sources, making this a significant security concern.
CVE-2024-1442 is not currently listed on KEV or EPSS. The CVSS score of 6 (Medium) suggests a moderate probability of exploitation. Public proof-of-concept exploits are not currently available, but the vulnerability's ease of exploitation makes it a potential target for opportunistic attackers. This CVE was published on 2024-06-05.
Exploit Status
EPSS
0.21% (43rd percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-1442 is to upgrade Grafana to version 9.5.7 or later. This patched version includes fixes to prevent unauthorized data source management. If an immediate upgrade is not feasible, consider implementing stricter access controls within Grafana to limit the number of users with data source creation permissions. Review existing data source configurations for any suspicious entries. While a WAF or proxy cannot directly address this vulnerability, they can be configured to monitor for unusual data source creation or modification attempts. After upgrading, verify the fix by attempting to create a data source with a user account that previously had data source creation permissions; the action should be denied.
Upgrade Grafana to version 9.5.7 or later, 10.0.12 or later, 10.1.8 or later, 10.2.5 or later, or 10.3.4 or later. This fixes the vulnerability that allows a user with permission to create data sources to access all data sources within the organization. The update prevents the creation of data sources with the UID set to *.
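The two defender tasks above, checking whether a running version predates the fix and reviewing existing data sources for the wildcard UID, as an added example that is not part of the advisory or Grafana's own code. It assumes the standard response shapes of Grafana's `GET /api/health` and `GET /api/datasources` endpoints; the sample responses are constructed, and the handling of branches the advisory does not list (older than 9.5, newer than 10.3) is an assumption noted in the code.

```python
# Constructed CVE-2024-1442 exposure check for a Grafana instance.
# Assumes the standard Grafana HTTP API shapes: GET /api/health returns
# {"version": "..."} and GET /api/datasources returns a list of objects
# with "uid", "name" and "type". Sample responses here are constructed.
import json
import re

# Fixed versions per release branch, from the advisory's "Fixed in" list.
FIXED_IN = {(9, 5): 7, (10, 0): 12, (10, 1): 8, (10, 2): 5, (10, 3): 4}


def parse_version(version):
    """Return (major, minor, patch) from '10.2.3' or '10.2.3-pre'."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised Grafana version: {version!r}")
    return tuple(int(x) for x in m.groups())


def is_vulnerable_version(version):
    """True if the version predates the CVE-2024-1442 fix for its branch.

    Assumption: branches older than 9.5 are vulnerable and branches newer
    than 10.3 are fixed; the advisory lists neither case explicitly.
    """
    major, minor, patch = parse_version(version)
    branch = (major, minor)
    if branch in FIXED_IN:
        return patch < FIXED_IN[branch]
    return branch < min(FIXED_IN)


def find_wildcard_datasources(datasources):
    """Return data sources whose UID is '*', the value the fix blocks.

    On a patched instance such an entry is a leftover worth reviewing.
    """
    return [ds for ds in datasources if ds.get("uid") == "*"]


def assess(health, datasources):
    """Combine the version check and the data-source review into one report."""
    return {
        "version": health["version"],
        "vulnerable_version": is_vulnerable_version(health["version"]),
        "wildcard_uid_datasources": [ds["name"] for ds in find_wildcard_datasources(datasources)],
    }


# Constructed sample API responses (not captured from a live instance).
SAMPLE_HEALTH = json.loads('{"commit": "abc", "database": "ok", "version": "10.2.3"}')
SAMPLE_DATASOURCES = json.loads('[{"id": 1, "uid": "P1A2B3C4", "name": "Prometheus", "type": "prometheus"},'
                                ' {"id": 2, "uid": "*", "name": "Suspicious", "type": "postgres"}]')
```

Run `assess(SAMPLE_HEALTH, SAMPLE_DATASOURCES)` against the constructed samples, or feed it the two API responses fetched with a service-account token to review a real instance.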
CVE-2024-1442 is a medium severity vulnerability in Grafana allowing users with data source creation permissions to manage all data sources, potentially leading to unauthorized data access and configuration changes.
You are affected if you are running Grafana versions before 9.5.7, 10.0.12, 10.1.8, or 10.2.5. Assess your Grafana deployment and upgrade accordingly.
Upgrade Grafana to version 9.5.7 or later. Implement stricter access controls to limit data source creation permissions if an immediate upgrade is not possible.
While no active exploitation has been confirmed, the vulnerability's ease of exploitation makes it a potential target. Monitor your Grafana instance for suspicious activity.
Refer to the official Grafana security advisory: https://grafana.com/security/advisories/CVE-2024-1442