FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Grafana -- Account takeover / authentication bypass

Affected packages
6.7.0 <= grafana < 8.5.27
9.0.0 <= grafana < 9.2.20
9.3.0 <= grafana < 9.3.16
9.4.0 <= grafana < 9.4.13
9.5.0 <= grafana < 9.5.5
10.0.0 <= grafana < 10.0.1
grafana8 < 8.5.27
grafana9 < 9.2.20
9.3.0 <= grafana9 < 9.3.16
9.4.0 <= grafana9 < 9.4.13
9.5.0 <= grafana9 < 9.5.5
grafana10 < 10.0.1

Details

VuXML ID fdbe9aec-118b-11ee-908a-6c3be5272acd
Discovery 2023-06-22
Entry 2023-06-23

Grafana Labs reports:

Grafana validates Azure Active Directory accounts based on the email claim. On Azure AD, the profile email field is not unique across Azure AD tenants. This can enable a Grafana account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant Azure AD OAuth application.

The CVSS score for this vulnerability is 9.4 Critical.

[source]

References

CVE Name CVE-2023-3128
URL https://grafana.com/security/security-advisories/cve-2023-3128

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.