CVE-2021-28147

The team sync HTTP API in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service and having the EditorsCanAdmin feature enabled, this vulnerability allows any authenticated user to add external groups to any existing team. This can be used to grant a user team permissions that the user isn't supposed to have.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*

History

30 Apr 2021, 08:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20210430-0005/ -

26 Mar 2021, 17:19

Type Values Removed Values Added
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
CWE NVD-CWE-Other
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
CWE NVD-CWE-Other
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CWE NVD-CWE-Other
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
CWE NVD-CWE-Other
CWE NVD-CWE-Other
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CWE NVD-CWE-Other
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CWE NVD-CWE-Other
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/ - Release Notes, Vendor Advisory
References (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - (CONFIRM) https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - (MISC) https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/ - Release Notes, Vendor Advisory
References (MISC) https://grafana.com/products/enterprise/ - (MISC) https://grafana.com/products/enterprise/ - Product, Vendor Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - (MISC) https://www.openwall.com/lists/oss-security/2021/03/19/5 - Mailing List, Third Party Advisory
References (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - (MISC) https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724 - Vendor Advisory
References (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - (MISC) https://community.grafana.com/t/release-notes-v6-7-x/27119 - Release Notes, Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 6.5
CWE NVD-CWE-Other

22 Mar 2021, 16:11

Type Values Removed Values Added
CVSS v2 : 3.5
v3 : 6.5
v2 : unknown
v3 : unknown
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CVSS v2 : 3.5
v3 : 6.5
v2 : unknown
v3 : unknown
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CVSS v2 : 3.5
v3 : 6.5
v2 : unknown
v3 : unknown
CVSS v2 : 3.5
v3 : 6.5
v2 : unknown
v3 : unknown
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CVSS v2 : 3.5
v3 : 6.5
v2 : unknown
v3 : unknown
CVSS v2 : 3.5
v3 : 6.5
v2 : unknown
v3 : unknown
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CVSS v2 : 3.5
v3 : 6.5
v2 : unknown
v3 : unknown
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CVSS v2 : 3.5
v3 : 6.5
v2 : unknown
v3 : unknown
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CVSS v2 : 3.5
v3 : 6.5
v2 : unknown
v3 : unknown
CWE NVD-CWE-Other
CVSS v2 : 3.5
v3 : 6.5
v2 : unknown
v3 : unknown
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CVSS v2 : 3.5
v3 : 6.5
v2 : unknown
v3 : unknown
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CWE NVD-CWE-Other
CVSS v2 : 3.5
v3 : 6.5
v2 : unknown
v3 : unknown
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CWE NVD-CWE-Other
CVSS v2 : 3.5
v3 : 6.5
v2 : unknown
v3 : unknown
CVSS v2 : 3.5
v3 : 6.5
v2 : unknown
v3 : unknown
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CWE NVD-CWE-Other
CWE NVD-CWE-Other
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*
CVSS v2 : 3.5
v3 : 6.5
v2 : unknown
v3 : unknown
CWE NVD-CWE-Other

22 Mar 2021, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-03-22 15:15

Updated : 2021-04-30 08:15


NVD link : CVE-2021-28147

Mitre link : CVE-2021-28147


JSON object : View

Products Affected

grafana

  • grafana