CVE-2021-43813

{"id": "CVE-2021-43813", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2021-12-10T18:15:08.260", "references": [{"url": "http://www.openwall.com/lists/oss-security/2021/12/10/4", "tags": ["Mailing List", "Patch", "Release Notes", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/github/securitylab-vulnerabilities/commit/689fc5d9fd665be4d5bba200a6a433b532172d0f", "tags": ["Broken Link"], "source": "security-advisories@github.com"}, {"url": "https://github.com/grafana/grafana/commit/fd48aee61e4328aae8d5303a9efd045fa0ca308d", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2q", "tags": ["Patch", "Release Notes", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/", "tags": ["Patch", "Release Notes", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-12/", "tags": ["Release Notes", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-2/", "tags": ["Release Notes", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://security.netapp.com/advisory/ntap-20220107-0006/", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. For users who cannot upgrade, running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths. Alternatively, for fully lowercase or fully uppercase .md files, users can block /api/plugins/.*/markdown/.* without losing any functionality beyond inlined plugin help text."}, {"lang": "es", "value": "Grafana es una plataforma de c\u00f3digo abierto para la monitorizaci\u00f3n y la observabilidad. Grafana versiones anteriores a 8.3.2 y 7.5.12, contiene una vulnerabilidad de salto de directorio para archivos .md completamente en min\u00fasculas o en may\u00fasculas. La vulnerabilidad presenta un alcance limitado y s\u00f3lo permite el acceso a los archivos con la extensi\u00f3n .md a usuarios autentificados. Las instancias de Grafana Cloud no han sido afectadas por la vulnerabilidad. Los usuarios deben actualizar a las versiones parcheadas 8.3.2 o 7.5.12. Para usuarios que no puedan actualizar, la ejecuci\u00f3n de un proxy inverso frente a Grafana que normalice el PATH de la petici\u00f3n mitigar\u00e1 la vulnerabilidad. El proxy tambi\u00e9n tendr\u00e1 que ser capaz de manejar rutas codificadas con url. Alternativamente, para archivos .md completamente en min\u00fasculas o en may\u00fasculas, los usuarios pueden bloquear /api/plugins/.*/markdown/.* sin perder ninguna funcionalidad m\u00e1s all\u00e1 del texto de ayuda del plugin alineado"}], "lastModified": "2022-03-31T16:31:19.643", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8A7F175-5768-4685-A192-25B4D97FF0CC", "versionEndExcluding": "7.5.12", "versionStartIncluding": "5.0.0"}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "072437F7-4A16-4373-9026-7C20B0D2AFB8", "versionEndExcluding": "8.3.2", "versionStartIncluding": "8.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}