CVE-2022-35957 – Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1 …

20 September 2022

Vuln ID: CVE-2022-35957

Published: 2022-09-20 23:15:09Z

Description: Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/

Source: NVD.NIST.GOV

Date:

20 September 2022

Categorie(s):

NVD

Tag(s):

NVD

Hackers Target Middle East Governments with Evasive “CR4T” Backdoor19 April 2024
6 Surprising Ways Hackers Can Exploit Your Smart Home Devices19 April 2024
Protobom: Open-source software supply chain tool19 April 2024
The key pillars of domain security19 April 2024
Fraudsters abused Apple Stores’ third-party pickup policy to phish for profits19 April 2024